hudson.ClassicPluginStrategy.useAntClassLoader

false

1.316

hudson.ConsoleNote.INSECURE

false

2.44 / 2.32.2

Whether to load unsigned console notes (see SECURITY-382 on Jenkins Security Advisory 2017-02-01)

hudson.consoleTailKB

150

Actually works since 2.98/2.89.3

How many KB of console log to show in default console view

hudson.diagnosis.HudsonHomeDiskUsageChecker.freeSpaceThreshold

1073741824 (up to Jenkins 2.39)
10737418240 (from Jenkins 2.40)

1.339

If there's less than this amount of free disk space, in bytes, on the disk with the Jenkins home directory, and the disk is 90% or more full, a warning will be shown to administrators

hudson.diyChunking

false

Set to true if the servlet container doesn't support chunked encoding

hudson.DNSMultiCast.disabled

false

1.359

Set to "true" to disable DNS multicast

hudson.FilePath.VALIDATE_ANT_FILE_MASK_BOUND

10000

1.592

Max. number of operations to validate a file mask (e.g. pattern to archive artifacts).

hudson.footerURL

http://jenkins-ci.org/

1.416

Allows tweaking the URL displayed at the bottom of Jenkins' UI

hudson.Functions.autoRefreshSeconds

10

1.365

Number of seconds between reloads when Auto Refresh is enabled

hudson.lifecycle

Specify full class name for Lifecycle implementation to override default

Disable security hardening for LogRecorderManager Stapler access.

Possibly unsafe, see 2018-12-05 security advisory.

hudson.matrix.MatrixConfiguration.useShortWorkspaceName

false

Use shorter but cryptic names in matrix build workspace directories. Avoids problems with 256 character limit on paths in Cygwin, path depths problems on Windows, and shell metacharacter problems with label expressions on most platforms. See JENKINS-25783.

Disable security hardening related to Stapler routing for AbstractItem

Possibly unsafe, see 2018-12-05 security advisory.

hudson.model.AsyncAperiodicWork.logRotateMinutes

1440

1.651

The number of minutes after which to try and rotate the log file used by any AsyncAperiodicWork extension. For fine-grained control of a specific extension you can use the FullyQualifiedClassName.logRotateMinutes system property to only affect a specific extension.

It is not anticipated that you will ever need to change these defaults

hudson.model.AsyncAperiodicWork.logRotateSize

-1

1.651

When starting a new run of any AsyncAperiodicWork extension, if this value is non-negative and the existing log file is larger than the specified number of bytes then the log file will be rotated. For fine-grained control of a specific extension you can use the FullyQualifiedClassName.logRotateSize system property to only affect a specific extension.
It is not anticipated that you will ever need to change these defaults

hudson.model.AsyncPeriodicWork.logRotateMinutes

1440

1.651

The number of minutes after which to try and rotate the log file used by any AsyncPeriodicWork extension. For fine-grained control of a specific extension you can use the FullyQualifiedClassName.logRotateMinutes system property to only affect a specific extension.
It is not anticipated that you will ever need to change these defaults

hudson.model.AsyncPeriodicWork.logRotateSize

-1

1.651

When starting a new run of any AsyncPeriodicWork extension, if this value is non-negative and the existing log file is larger than the specified number of bytes then the log file will be rotated. For fine-grained control of a specific extension you can use the FullyQualifiedClassName.logRotateSize system property to only affect a specific extension.
It is not anticipated that you will ever need to change these defaults

hudson.model.DirectoryBrowserSupport.CSP

sandbox; default-src 'none'; image-src 'self'; style-src 'self';

1.625.3, 1.641

Determines the Content Security Policy header sent for static files served by Jenkins. See Configuring Content Security Policy for more details.

hudson.model.DownloadService.never

false

Suppress the periodic download of data files for plugins

hudson.model.Hudson.flyweightSupport

was:false
1.337:true
1.598:unused

1.318

Matrix parent job and other flyweight tasks (e.g. Build Flow plugin) won't consume an executor when true. Unused since 1.598, flyweight support is now always enabled

hudson.model.Hudson.killAfterLoad

false

Exit Jenkins right after loading

jenkins.model.Jenkins.logStartupPerformance

false

Log startup timing info

jenkins.model.Jenkins.slaveAgentPort

-1 (disabled)

1.643

Specifies the default TCP slave agent port unless/until configured differently on the UI. -1 to disable, 0 for random port, other values for fixed port. Used to be 0 by default before Jenkins 2.0

jenkins.model.Jenkins.slaveAgentPortEnforce

false

2.19.4 and 2.24

If true, enforces the specified jenkins.model.Jenkins.slaveAgentPort on startup and will not allow changing it through the UI

hudson.model.Hudson.parallelLoad

true

Loads job configurations in parallel on startup

hudson.model.LoadStatistics.clock

10000

Load statistics clock cycle in milliseconds

hudson.model.LoadStatistics.decay

0.9

Decay ratio for every clock cycle in node utilization charts

hudson.model.MultiStageTimeSeries.chartFont

SansSerif-10

1.562

Font used for load statistics (see Java documentation on how the value is decoded)

hudson.model.ParametersAction.keepUndefinedParameters

undefined

1.651.2 / 2.3

If true, not discard parameters for builds that are not defined on the job. Enabling this can be unsafe
Since Jenkins 2.40, if set to false, will not log a warning message that parameters were defined but ignored.

hudson.model.ParametersAction.safeParameters

(empty)

1.651.2 / 2.3

Comma-separated list of additional build parameter names that should not be discarded even when not defined on the job.

hudson.model.Queue.cacheRefreshPeriod

1000

1.577 up to 1.647

Defines the refresh period for the internal queue cache (in milliseconds). The greater period workarounds web UI delays on large installations, which may be caused by locking of the build queue by build executors. Downside - builds appear in the queue with a noticeable delay.

hudson.model.Run.ArtifactList.listCutoff

16

1.330

More artifacts than this will use tree view or simple link rather than listing out artifacts

hudson.model.Run.ArtifactList.treeCutoff

40

1.330

More artifacts than this will show a simple link to directory browser rather than showing artifacts in tree view

hudson.model.Slave.workspaceRoot

workspace

1.341?

name of the folder within the slave root directory to contain workspaces

hudson.model.UpdateCenter.className

n/a

2.4

Allow overriding the implementation class for update center. Useful for custom war distributions with a different update center implementation. Cannot be used for plugins.

hudson.model.UpdateCenter.defaultUpdateSiteId

default

2.4

Configure a different ID for the default update site. Useful for custom war distributions or externally provided UC data files

hudson.model.UpdateCenter.never

false

When true, don't automatically check for new versions

Disable security hardening related to Stapler routing for UpdateCenter

Possibly unsafe, see 2018-12-05 security advisory.

hudson.model.UsageStatistics.disabled

false

1.312 or so?

Set to true to opt out of usage statistics collection, independent of UI option.

hudson.model.User.allowNonExistentUserToLogin

false

1.602

When true, does not check auth realm for existence of user if there's a record in Jenkins. Unsafe, but may be used on some instances for service accounts

hudson.model.User.allowUserCreationViaUrl

false

2.44 / 2.32.2

Whether admins accessing /user/example creates a user record (see SECURITY-406 on Jenkins Security Advisory 2017-02-01)

hudson.model.User.SECURITY_243_FULL_DEFENSE

true

1.651.2 / 2.3

When false, skips part of the fix that tries to determine whether a given user ID exists, and if so, doesn't consider users with the same full name during resolution.

Disable security hardening related to Stapler routing for User

Possibly unsafe, see 2018-12-05 security advisory.

hudson.model.WorkspaceCleanupThread.disabled

false

Don't clean up old workspaces on slave nodes

hudson.model.WorkspaceCleanupThread.recurrencePeriodHours

24

1.608

How often workspace cleanup should run, in hours.

hudson.model.WorkspaceCleanupThread.retainForDays

30

1.608

Unused workspaces are retained for this many days before qualifying for deletion.

hudson.os.solaris.ZFSInstaller.disabled

false

True to disable ZFS monitor on Solaris

hudson.PluginManager.CHECK_UPDATE_ATTEMPTS

Disable security hardening related to Stapler routing for PluginManager

Possibly unsafe, see 2018-12-05 security advisory.

hudson.PluginManager.workDir

hudson.PluginStrategy

Allow plugins to be loaded into a different environment, such as an existing DI container like Plexus; specify full class name here to override default ClassicPluginStrategy

hudson.PluginWrapper.dependenciesVersionCheck.enabled

true

2.0

Set to false to skip the version check for plugin dependencies.

hudson.ProxyConfiguration.DEFAULT_CONNECT_TIMEOUT_MILLIS

20000

2.0

Connection timeout applied to connections e.g. to the update site.

hudson.scheduledRetention

false

Up to 1.354

Control a slave based on a schedule

hudson.scm.CVSSCM.skipChangeLog

false

Useful with ancient versions of CVS that don't support the -d option in the log command

Disable security hardening related to Stapler routing for Search

Possibly unsafe, see 2018-12-05 security advisory.

hudson.security.AccessDeniedException2.REPORT_GROUP_HEADERS

false

2.46 / 2.32.3

If set to true, restore pre-2.46 behavior of sending HTTP headers on "access denied" pages listing group memberships.

hudson.security.ArtifactsPermission

false

1.374

The Artifacts permission allows to control access to artifacts; When this property is unset or set to false, access to artifacts is not controlled

hudson.security.csrf.requestfield

.crumb (Jenkins 1.x), Jenkins-Crumb (Jenkins 2.0+

1.310

Parameter name that contains a crumb value on POST requests

hudson.security.ExtendedReadPermission

false

1.324

The ExtendedReadPermission allows read-only access to "Configure" pages; can also enable with extended-read-permission plugin

Regex for legal user names in Jenkins user database. See https://jenkins.io/security/advisory/2018-05-09/#SECURITY-786

hudson.security.LDAPSecurityRealm.groupSearch

Mouseover

LDAP filter to look for groups by their names

hudson.security.WipeOutPermission

false

1.416

The WipeOut permission allows to control access to the "Wipe Out Workspace" action, which is normally available as soon as the Build permission is granted

hudson.slaves.ChannelPinger.pingInterval

5

1.405

(Deprecated since 2.37) Frequency (in minutes) of pings between the master and slaves

hudson.slaves.ChannelPinger.pingIntervalSeconds

300

2.37

Frequency of pings between the master and slaves, in seconds

hudson.slaves.ChannelPinger.pingTimeoutSeconds

240

2.37

Timeout for each ping between the master and slaves, in seconds

hudson.slaves.WorkspaceList

@

1.424

When concurrent builds is enabled, a unique workspace directory name is required for each concurrent build. To create this name, this token is placed between project name and a unique ID, e.g. "my-project@123".

hudson.tasks.ArtifactArchiver.warnOnEmpty

false

When true, builds don't fail when there is nothing to archive

hudson.tasks.Fingerprinter.enableFingerprintsInDependencyGraph

false

1.430

When true, jobs associated through fingerprints are added to the dependency graph, even when there is no configured upstream/downstream relationship between them.

hudson.tasks.MailSender.maxLogLines

250

Number of lines of console output to include in emails

hudson.TcpSlaveAgentListener.hostName

n/a

Host name that Jenkins advertises to its clients. Especially useful when running Jenkins behind a reverse proxy.

hudson.TcpSlaveAgentListener.port

n/a

Port that Jenkins advertises to its clients. Especially useful when running Jenkins behind a reverse proxy.

hudson.TreeView

false

Experimental nested views feature

hudson.triggers.SCMTrigger.starvationThreshold

1 hour

Milliseconds waiting for polling executor before trigger reports it is clogged

hudson.udp

33848

Port for UDP multicast broadcast (set to -1 to disable)

hudson.upstreamCulprits

false

1.327

Pass blame information to downstream jobs

hudson.Util.noSymLink

false

True to disable creation of symbolic links in job/builds directories

hudson.util.ProcessTree.disable

false

True to disable cleanup of child processes

hudson.util.RingBufferLogHandler.defaultSize

256

1.563

Number of log entries in loggers available on the UI at /log/

hudson.util.Secret.provider

1.360

Force a particular crypto provider; with Glassfish Enterprise set value to SunJCE to workaround a known issue.

hudson.Util.symlinkEscapeHatch

false

True to use exec of "ln" binary to create symbolic links instead of native code

hudson.Util.maxFileDeletionRetries

3

2.2

The number of times to attempt to delete files/directory trees
before giving up and throwing an exception.
Specifying a value less than 1 is invalid and will be treated as if a value of 1 (i.e. one attempt, no retries) was specified.
See JENKINS-10113 and JENKINS-15331.

hudson.Util.deletionRetryWait

100

2.2

The time (in milliseconds) to wait between attempts to delete files when retrying. This has no effect unless hudson.Util.maxFileDeletionRetries is greater than 1.
If zero, there will be no delay between attempts. If negative, the delay will be a (linearly) increasing multiple of this value between attempts.

hudson.Util.performGCOnFailedDelete

false

2.2

If this flag is set to true then we will request a garbage collection after a deletion failure before we next retry the delete. It is ignored unless hudson.Util.maxFileDeletionRetries is greater than 1.
Setting this flag to true may resolve some problems on Windows, and also for directory trees residing on an NFS share, but it can have a negative impact on performance and may have no effect at all (GC behavior is JVM-specific).
Warning: This should only ever be used if you find that your builds are failing because Jenkins is unable to delete files, that this failure is because Jenkins itself has those files locked "open", and even then it should only be used on slaves with relatively few executors (because the garbage collection can impact the performance of all job executors on that slave).
Setting this flag is a act of last resort - it is not recommended, and should not be used on your main Jenkins server unless you can tolerate the performance impact.

jenkins.CLI.disabled

false

2.32 and 2.19.3

true to disable Jenkins CLI via JNLP and HTTP (SSHD can still be enabled)

jenkins.model.Jenkins.disableExceptionOnNullInstance

false

2.4 only

true to disable throwing an IllegalStateException when Jenkins.getInstance() returns null

jenkins.model.Jenkins.enableExceptionOnNullInstance

false

2.5

true to enable throwing an IllegalStateException when Jenkins.getInstance() returns null

Allows to change the directory layout for the job workspaces on the master node. See jenkins.model.Jenkins.buildsDir for supported placeholders.

Disable URL validation intended to prevent an XSS vulnerability. See https://jenkins.io/security/advisory/2019-09-25/#SECURITY-1471 for details.

jenkins.InitReactorRunner.concurrency

2x of CPU

During start of Jenkins, loading of jobs in parallel have a fixed number of threads by default (twice the CPU). To make Jenkins load time 8x faster, increase it to 8x. For example, 24 CPU Jenkins Master host use this: -Dhudson.InitReactorRunner.concurrency=192

jenkins.install.runSetupWizard

undefined

2.0

Set to false to skip install wizard. Note that this leaves Jenkins unsecured by default.
Development-mode only: Set to true to not skip showing the setup wizard during Jenkins development.

NOTE: This property is only effective the first time you run Jenkins in given JENKINS_HOME.

true to allow users with ADMINISTER permission to create API tokens using the new system for any user.

NOTE: The user will not be able to use that token since it's only displayed to the creator, once.

jenkins.security.ApiTokenProperty.showTokenToAdmins

false

1.638

True to show API tokens for users to administrators on the user configuration page. This was set to false as part of SECURITY-200

jenkins.security.FrameOptionsPageDecorator.enabled

true

1.581

Whether to send X-Frame-Options: sameorigin header, set to false to disable and make Jenkins embeddable

jenkins.slaves.JnlpSlaveAgentProtocol3.enabled

undefined

1.653

false to disable the JNLP3 agent protocol, true to enable it. Otherwise it's randomly enabled/disabled to A/B test it.

jenkins.slaves.NioChannelSelector.disabled

false

1.560

true to disable Nio for JNLP slaves

org.jenkinsci.main.modules.sshd.SSHD.idle-timeout

undefined

2.22

Allows to configure the SSHD client idle timeout (value in milliseconds). Default value is 10min (600000ms).