Jenkins 2024 in Review

As we welcome 2025, we take a moment to reflect on the past year and celebrate some of our most memorable achievements, impactful projects, and significant changes over the last 366 days. Every contribution, no matter its form, plays a vital role in shaping the Jenkins project. Without the collective efforts of our contributors, supporters, and community members, Jenkins wouldn’t be what it is today. From every pull request to the grants and donations that enable Jenkins to meet the evolving needs of our community, we extend our heartfelt gratitude and deepest appreciation. Thank you for being part of our journey!

Jenkins 2024 By the Numbers from stats.jenkins.io:

Thanks to the efforts of the Jenkins infrastructure team, the Jenkins update center has been migrated to a new mirror-based architecture, which is 10x more cost-effective and is now in production. Over several months, Jenkins Infra performed multiple brownouts to test the services and ensure that the migration would be smooth. The tests were successful, and they were able to detect issues that would have caused major headaches for users. Thankfully, these issues were resolved, and while there were a few bumps post-migration, the update center has been doing very well over the last few weeks.

Throughout the year, the Jenkins infrastructure team has been working on several areas to reduce operating costs all around. This has taken the form of converting the spending and usage in some areas to others, migrating the update center, and finding new ways to alleviate the spending, all while increasing the overall Jenkins job count. Their efforts may sometimes be unseen, but they are always felt throughout the project.

At the beginning of 2024, Sonar worked with the Jenkins security team to address a previously unnoticed vulnerability. The issue was very niche and would only execute given a specific set of circumstances and permissions, so there was no larger threat here. However, the existence of this vulnerability was enough reason for Jenkins security and Sonar to collaborate and resolve this issue. Thanks to their in-depth work and tenacity in removing the vulnerability, Jenkins continues to be a secure and well-maintained DevOps platform.

Additionally, thanks to Alpha Omega for their grant and collaboration, we have been able to make a concerted effort to update the CSP for Jenkins. Their grant has allowed us to bring in two key contributors to take on the work of this project and their work has been nothing short of incredible. From the very start of the project, Shlomo Dahan and Yaroslav Afenkin, under the guidance of Basil Crow, have been working furiously to help improve the CSP of Jenkins and bring some of the most important plugins up to speed.

By the numbers:

In addition to the collaboration with Sonar, the Jenkins Security team has worked constantly throughout 2024 to ensure that security issues are acknowledged and resolved whether they are for Jenkins core or plugins within the ecosystem.

Over the summer, the Jenkins weekly release line made the move to require Java 17 as a baseline. This was an important update to keep up with current usage and start the process of dropping support for Java 11. Thanks to the hard work and dedication of Jenkins developers, the transition was successful and we saw a steady rise in JDK 17 installation and usage. By the end of the October LTS release, the Java 17 requirement had been thoroughly tested and used over the preceding months, ensuring that its inclusion would be safe. Since the October release of LTS 2.479.1, we have not seen any major issues with Java 17 usage. While there have been some hiccups when it comes to upgrading plugins alongside the Jenkins LTS, these have been addressed as they come up and typically can be resolved by ensuring the plugin is updated before and after upgrading Jenkins.

In addition to the move to Java 17, Jenkins developers worked tirelessly to upgrade to Spring Security and Framework 6, Eclipse Jetty 12, and Jakarta EE 9. These upgrades were crucial to ensuring that Jenkins is keeping up with current trends and usage of the platform. They are also major updates in security, ensuring that the Jenkins project is doing everything it can to protect its users during development.

We’ve completed one full year of Contributor Spotlight posts, highlighting the different backgrounds, skills, and work that make up the Jenkins community. This space has allowed us to show appreciation for those who keep Jenkins fresh, strong, and viable so consistently. From long-time contributors and early adopters of Jenkins to recent Google Summer of Code participants, there are all kinds of stories to tell and efforts to acknowledge. Thanks to all the contributors who have collaborated with us for the contributor spotlight and for allowing us to share their stories. Additionally, new contributors have been welcomed to Jenkins through community projects, including Hacktoberfest and another successful Google Summer of Code.

Through these partnerships and community projects, we have been able to expand the Jenkins community by welcoming new contributors to the project, regardless of the size of their contributions. By providing exposure to open-source practices and expectations, we have enriched the project and open-source community as a whole. While participating in these events, contributors have helped update areas of Jenkins documentation and the creation of stats.jenkins.io. Even though our Google Summer of Code projects are specific to Jenkins, how to work with an open-source project and engage with the community are invaluable experiences that will expand these contributors' skills beyond Jenkins. Both Hacktoberfest and GSoC have become yearly events for Jenkins and we thank them for allowing us to collaborate and to the contributors who help Jenkins continue to be an ever-growing project.

Throughout 2024, there were several events that Jenkins participated in that allowed us to connect with the Jenkins and extended open-source communities. We started the year by gathering in Brussels for FOSDEM and a hugely successful Jenkins contributor summit. The contributor summit provided a space for Jenkins contributors to meet and connect in person, get updates and roadmap plans from Jenkins officers, and work on a handful of different projects together. It is not often that we are all able to meet in person, so these events are hugely invaluable.

In addition to DevOps World and FOSDEM, Jenkins had a presence at the Open Source Summit Europe, where Bruno Verachten gave a talk detailing how and why the Jenkins tutorial revamp has been needed and successful. He shared details about how incorporating Docker Compose makes the tutorial experience more simplified and beneficial to the user overall, and how it is safer than using the previous Docker-in-Docker method. Users benefit from both the comfort of knowing their build is secure and a more straightforward example, allowing them to get started faster.

The last event of the year that involved Jenkins was an episode of Techstrong TV that featured Mark Waite, Basil Crow, Damien Duportal, and Kris Stern, where they discussed the challenges and successes of the ever-evolving Jenkins project. They discussed how upgrades and the constantly changing landscape of development influence the Jenkins project’s direction and what it takes to manage a large project like Jenkins. Thanks to Techstrong TV for having Jenkins on and to the Jenkins representatives for sharing their insights and anecdotes about the project.

There were also presentations from Jenkins contributors at the virtual DevOps World event, showcasing some of the UI/UX updates and enhancements that have been implemented in the last year. This includes everything from buttons and menu items being refreshed, to more modern page design, and enhancements intended to make the Jenkins user experience more smooth and inviting overall. There have been additional UI updates since the talk, such as providing the help text within Jenkins directly, instead of hiding it in an extra button. This allowed us to showcase the work and effort that goes into refining the Jenkins experience even further. Thanks to Jan Faracik and Tim Jacomb for delivering this talk and providing so many great updates to the Jenkins UI/UX.

Constantly working to enhance the Jenkins user experience, the folks working on UI/UX have a passion for making Jenkins more sleek and modern. One of the bigger UI enhancements completed in 2024 was moving away from Yahoo! User Interface for the project as a whole. This is the culmination of a lot of work by done by multiple contributors, all with the goal of eventually removing YUI from Jenkins completely. Several components have been updated using alternative frameworks, proving that this is both possible and the right path forward for Jenkins UI.

The Build History widget was also revamped, to modernize and clean up the UI while retaining the functionalities that users have come to rely on. This is another great example of the UI being enhanced with the help of community feedback. The Jenkins community is always able to share their thoughts on work being done within Jenkins, as having feedback helps guide any work that can or will affect users.

The Design Library also underwent a major UI overhaul. Prior to this, the Design Library had grown quite a bit and was not consistent across multiple areas. The work done makes the Design Library UI consistent, provides more clarity for grouped samples, includes multiple functionalities such as page editing, tab switching, and searching, and increases the overall usefulness of the Design Library. The modernization of the Design Library is further outlined in the above link and lists just how many changes went into this work.

Contributors have also modernized Jenkins menus and pages, incorporated user-generated requests, and implemented several changes to refine the UI, such as overhauling the search function. Jenkins is now over 13 years old, but it has received more than just a fresh coat of paint over the years, and the UI/UX SIG has played a critical role in making sure that Jenkins is as appealing as it is powerful. Additional thanks to all those who help enhance the Jenkins UX/UI through their efforts to provide the best experience possible. The following image illustrates some more specific examples of UI enhancements done over the past year.

Over the last year, we have received several grants and sponsorships that allow the project to not only continue to function but improve in ways that benefit all users and developers. We have used AWS and Microsoft Azure to provide many different services over the years, and their continued support allows us to continue to do so. From download points to powering the controllers that build Jenkins, their donations help ensure Jenkins' lights stay on.

Thanks to all of our sponsors, for supporting Jenkins throughout the year in so many ways and places. From providing infrastructure support, financial support, or making it possible for Jenkins to reach further globally, we would be remiss if we did not share our appreciation for all that you provide: