Add updates count badge to Updates sidebar item

[janfaracik]

Adds back the updates count badge introduced and removed in #6783, this time by adding an attribute to the task.jelly component so that any view/plugin can use it.

Proposed changelog entries

• Add updates count badge to Updates sidebar item.

Proposed upgrade guidelines

N/A

Submitter checklist

• (If applicable) Jira issue is well described
• Changelog entries and upgrade guidelines are appropriate for the audience affected by the change (users or developer, depending on the change) and are in the imperative mood. Examples
  • Fill-in the Proposed changelog entries section only if there are breaking changes or other changes which may require extra steps from users during the upgrade
• Appropriate autotests or explanation to why this change has no tests
• New public classes, fields, and methods are annotated with @Restricted or have @since TODO Javadoc, as appropriate.
• New deprecations are annotated with @Deprecated(since = "TODO") or @Deprecated(forRemoval = true, since = "TODO") if applicable.
• New or substantially changed JavaScript is not defined inline and does not call eval to ease future introduction of Content-Security-Policy directives (see documentation on jenkins.io).
• For dependency updates: links to external changelogs and, if possible, full diffs

Desired reviewers

@jenkinsci/sig-ux

Maintainer checklist

Before the changes are marked as ready-for-merge:

• There are at least 2 approvals for the pull request and no outstanding requests for change
• Conversations in the pull request are over OR it is explicit that a reviewer does not block the change
• Changelog entries in the PR title and/or Proposed changelog entries are accurate, human-readable, and in the imperative mood
• Proper changelog labels are set so that the changelog can be generated automatically
• If the change needs additional upgrade steps from users, upgrade-guide-needed label is set and there is a Proposed upgrade guidelines section in the PR title. (example)
• If it would make sense to backport the change to LTS, a Jira issue must exist, be a Bug or Improvement, and be labeled as lts-candidate to be considered (see query).

[timja]

lgtm, tested locally

[NotMyFault]

Looks nice :)

(feedback is non-blocking)

[daniel-beck]

Looks reasonable. Implementation is fine.

There should be usage guidelines.

[timja]

There should be usage guidelines.

@janfaracik is that something you're able to add to design library before we ship this?

missed something

[janfaracik]

There should be usage guidelines.

@janfaracik is that something you're able to add to design library before we ship this?

Will do, am I good to add it to the existing 'Layouts' PR?

[daniel-beck]

I think there should there be support for badges in context menus. For a generalized feature (e.g. imagine badges with open issues in various warnings-ng contributed sidepanel tasks) it probably makes sense to support that. Another use case of an improved task API for the context menu would be Manage Jenkins and entries like "Manage Old Data" or "In-process Script Approval" that could show a badge.

[timja]

Will do, am I good to add it to the existing 'Layouts' PR?

Yes 👍

[janfaracik]

Will do, am I good to add it to the existing 'Layouts' PR?

Yes 👍

Updated that PR with some examples of when to use badges:

[timja]

Do you plan to address Daniel's comment on badges in context menu's in this PR?

[janfaracik]

Do you plan to address Daniel's comment on badges in context menu's in this PR?

I'd favour doing them separately to this PR (just to get this in as I think its a nice-to-have), happy to do it though in this if you prefer @daniel-beck?

[daniel-beck]

I'd prefer that this is done at the same time, to have parity between sidepanel and menus. (Unless there's a UX reason that menus should not have these badges, now or later, of course.)

[timja]

@janfaracik do you plan to take a look at the context menu changes?

[janfaracik]

@janfaracik do you plan to take a look at the context menu changes?

I will do for sure, just a little swamped at the moment.

[github-actions]

Please take a moment and address the merge conflicts of your pull request. Thanks!

Changes addressed

[NotMyFault]

The number in the plugin manager could use the same color as the badge in the manage view:

But I consider this non-blocking feedback, thanks for your work!

[daniel-beck]

The tooltip isn't just in a "plain" HTML environment, but in an HTML attribute.

A tooltip of " onmouseenter=alert(1) " causes XSS.

As a general recommendation, stop concatenating strings to create HTML entirely.

obsolete

[janfaracik]

Is this PR good for merge notice now @timja?

[timja]

/label ready-for-merge

---

This PR is now ready for merge, after ~24 hours, we will merge it if there's no negative feedback.

Thanks!

[mawinter69]

This needs a better description. At the moment most people will assume this is just a simple text you can pass in but what is actually is required is a jenkins.management.Badge object.