Yaroslav

> @yaroslavafenkin You removed the needs-security-review label but didn't add the approved one. Is there anything left to do? No, it's just that the change is simple enough to not...

> Re CodeMirror, please note I my ongoing attempt of that in https://github.com/jenkinsci/jenkins/pull/6867. Lots of plugins set invalid JSON as parameter which would result in this breaking. Oh that slipped....

Moved JENKINS-71514 to a separate PR: https://github.com/jenkinsci/jenkins/pull/8370

> Most appear compatible with this change (i.e., can easily be migrated), but https://github.com/jenkinsci/leanix-microservice-intelligence-plugin/blob/be5ba1f015bd72131620d10e315cca8eda7c77cb/src/main/java/io/jenkins/plugins/leanixmi/SettingsPanel.java#L56 and https://github.com/jenkinsci/credentials-plugin/blob/54b1c2c6388a3eaf49d3bd4ab55ab15b2abc2482/src/main/java/com/cloudbees/plugins/credentials/CredentialsSelectHelper.java#L602 (from a quick GH search) look like they cannot be adapted to the new...

I feel I haven't tested this enough yet. Also in the end of the recoding an `img-src` violation shows up, so I'll try to investigate it a bit.

`img-src` violation in console:  Triggered by clicking "Download PNG image" on a chart hamburger dropdown. Seems to be coming from `highchart-exporting.js`. Does not affect any of the functionalities on...

I have read the CLA Document and I hereby sign the CLA

Hi @sheldonhull, I've had a look at the correction. Let's follow up in JIRA on the corresponding security ticket, I've added a comment with my summary there.

Hey @jimklimov, we've noticed the issue. We'll try to review it if/when time permits.