Bump org.jenkins-ci.main:jenkins-core from 2.502 to 2.505

[dependabot]

Bumps org.jenkins-ci.main:jenkins-core from 2.502 to 2.505.

Release notes

Sourced from org.jenkins-ci.main:jenkins-core's releases.

2.505

This is an automatically generated changelog draft for Jenkins weekly releases. See https://www.jenkins.io/changelog/2.493/ for the official changelog for this release.

🚨 Removed

• JENKINS-75370 - Deprecate hudson.util.Scrambler (#10377) @​daniel-beck

🚀 New features and improvements

• Refresh user api token ui with cards and dialogs (#10484) @​mawinter69
• JENKINS-75370 - Deprecate hudson.util.Scrambler (#10377) @​daniel-beck
• Add telemetry for /extensionList/ URL (#10423) @​daniel-beck
• Add 'No plugins' notice to Appearance configuration page (#10478) @​janfaracik
• Use dropdown for the default view of a user (#10482) @​mawinter69
• Improve UI of secret and password entry (#10489) @​janfaracik
• Remove 'theme-color' property (#10481) @​janfaracik
• Standardise widths of Manage Jenkins pages (#10479) @​janfaracik

🐛 Bug fixes

• JENKINS-33704 - Limit scope of Jenkins#updateComputerList to improve performance at scale (#10494) @​Vlatombe
• Only limit height of console widget (#10368) @​PhilippHomann
• JENKINS-75320 - use the url for linking (#10308) @​scherler
• JENKINS-75441 - Add value attribute to button element in submit.jelly (#10430) @​Geo-Austin

👷 Changes for plugin developers

• JENKINS-75370 - Deprecate hudson.util.Scrambler (#10377) @​daniel-beck
• Deprecate AbstractDescribableImpl (#10426) @​Vlatombe

All contributors: @​Geo-Austin, @​Jay-oao, @​MarkEWaite, @​PhilippHomann, @​StefanSpieker, @​Vlatombe, @​apuig, @​basil, @​daniel-beck, @​gbhat618, @​janfaracik, @​jenkins-release-bot, @​krisstern, @​mawinter69, @​renovate[bot], @​scherler, @​timja, github-actions[bot] and renovate[bot]

2.504

See https://www.jenkins.io/changelog/2.504/ for the official changelog for this release.

🔒 Security

Multiple security fixes. See the 2025-04-02 security advisory for details.

2.503

This is an automatically generated changelog draft for Jenkins weekly releases. See https://www.jenkins.io/changelog/2.503/ for the official changelog for this release.

🚀 New features and improvements

• JENKINS-75378 - Adding a CLI command listener (#10382) @​apuig

🐛 Bug fixes

... (truncated)

Commits

• a3b0b6a [maven-release-plugin] prepare release jenkins-2.505
• c769824 Revert "[JENKINS-75465] Delete RunIdMigrator as it has been 10 years since th...
• 76c461b Replaced in MasterBuildConfiguration config.groovy with config.jelly (#10...
• f45ba02 [JENKINS-33704] Limit scope of Jenkins#updateComputerList to improve perfor...
• 57bf8dd Fix new computer missing sidepanel (#10510)
• d2f279c Update eslint monorepo to v9.24.0 (#10513)
• 35ed30e Update dependency org.jenkins-ci:jenkins to v1.131 (#10511)
• 18b7916 Update dawidd6/action-send-mail action to use commit hash (#10512)
• 84bbfec Update dependency org.jenkins-ci.main:jenkins-test-harness to v2429 (#10509)
• 4bd12d8 Update dependency sass to v1.86.3 (#10503)
• Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot merge will merge this PR after your CI passes on it
• @dependabot squash and merge will squash and merge this PR after your CI passes on it
• @dependabot cancel merge will cancel a previously requested merge and block automerging
• @dependabot reopen will reopen this PR if it is closed
• @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
• @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
• @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

[github-actions]

☀️   Quality Monitor

Tests

     JUnit Tests: 100% successful (122 passed)

Code Coverage

   〰️   Line Coverage: 88% (102 missed lines)
   ➰   Branch Coverage: 78% (51 missed branches)

Style

     CheckStyle: No warnings
     PMD: No warnings

Bugs

     SpotBugs: No bugs
   🐛   Error Prone: 6 bugs (normal: 6)

API Problems

   🚫   Revapi: No warnings

Vulnerabilities

     OWASP Dependency Check: 198 vulnerabilities (error: 17, high: 56, normal: 119, low: 6)

Software Metrics

   🌀   Cyclomatic Complexity: 318 (total)
   💭   Cognitive Complexity: 173 (total)
   ➿   N-Path Complexity: 383 (total)
   📏   Lines of Code: 2884 (total)
   📝   Non Commenting Source Statements: 1152 (total)
   🔗   Class Cohesion: 100.00% (maximum)
   ⚖️   Weight of Class: 100.00% (maximum)

---

Created by Quality Monitor v2.5.3 (#8fa0834). More details are shown in the GitHub Checks Result.