Our new release branches wait for explicit authorization in order to build. The causes because these branches are new, and inherited the security changes from master, whereas the previous release branches did not include the plug-in. We should modify the Jenkins file on those branches to indicate to the security plug-in that those branches are safe to build.
This issue affects both Marathon and Metronome
Here is a recent stalled out build as a result of this issue:
Marathon releases/1.6 and Metronome releases/0.4 jobs build automatically for release branches after commits are merged, and do not wait for explicit authorization.