ZeroClipboard 1.3.5 is rather incompatible with 1.1.7, and various API changes were needed.

 - setText() call doesn't work until the DOM is populated, which is at some unknown time AFAICT.
   installing it via the datarequested event avoids this problem.
 - constructor now demands the element to attach to, and it's unclear if relative positioning is working or not.
 - "display: inline-block" is needed for ZeroClipboard to correctly compute the height of the element

Protect default password value from users who are triggering builds.

Coerce the parameter value to one of a legal value

[FIXED SECURITY-155] Do not allow plugin code to be downloaded via doDynamic, only static resources.

[FIXED SECURITY-131] Recode restOfPath before constructing URLs from it, so it cannot be used for directory traversal.

[FIXED SECURITY-109] SECURITY-55 fix to BuildTrigger configuration failed if downstream project was not visible.

[FIXED SECURITY-107] When security-related fields in Jenkins cannot be unmarshaled, it is best to halt startup.

[FIXED SECURITY-93] PasswordParameterDefinition should serve existing default value in encrypted form.
And strengthen functional tests (using configRoundTrip) to ensure that the same mistake is not made elsewhere.

Running hypothesis: something historically saved a user configuration file with a bogus fullName;
thereafter anyone calling User.get(correctFullName) will get a User with the old fullName.
This would make the bug unreproducible in fresh Jenkins installations.

Use an href for external URL in @see clause

[JENKINS-18485] Enable Computer.EXTENDED_READ permission using "hudson.security.ExtendedReadPermission".

[JENKINS-18721] Imrovement of performance - now when ListView builds up it asks for all the jobs only once. This is important because RBAC plugin each time checks permissions for all these jobs which impacts performance