Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Require Jenkins 2.452.4 or newer #139

Closed
wants to merge 7 commits into from
Closed

Require Jenkins 2.452.4 or newer #139

wants to merge 7 commits into from

Conversation

MarkEWaite
Copy link
Contributor

Require Jenkins 2.452.4 or newer

Require Jenkins 2.452.4 or newer

Jenkins 2.452.4 includes fixes for critical security vulnerabilities.

Jenkins 2.452.4 is one of the base Jenkins versions recommended to developers in choosing a Jenkins version.

As of the last plugin installation data (June 2024), Jenkins 2.440 already was the base installation for 65% of installations of this plugin. Certainly that percentage is even higher now.

Uses the plugin BOM to replace:

Includes changes from additional pull requests:

Testing done

Automated tests pass.

Submitter checklist

  • Make sure you are opening from a topic/feature/bugfix branch (right side) and not your main branch!
  • Ensure that the pull request title represents the desired changelog entry
  • Please describe what you did
  • Link to relevant issues in GitHub or Jira
  • Link to relevant pull requests, esp. upstream and downstream changes
  • Ensure you have provided tests - that demonstrates feature works or fixes the issue

dependabot bot and others added 7 commits March 18, 2024 15:13
@dependabot
Bump org.jenkins-ci.plugins:mailer
dc39ca6 
Bumps [org.jenkins-ci.plugins:mailer](https://github.com/jenkinsci/mailer-plugin) from 463.vedf8358e006b_ to 472.vf7c289a_4b_420.
- [Release notes](https://github.com/jenkinsci/mailer-plugin/releases)
- [Commits](https://github.com/jenkinsci/mailer-plugin/commits)

---
updated-dependencies:
- dependency-name: org.jenkins-ci.plugins:mailer
  dependency-type: direct:production
...

Signed-off-by: dependabot[bot] <[email protected]>
@dependabot
Bump io.jenkins.tools.incrementals:git-changelist-maven-extension
c6e9a1f 
Bumps [io.jenkins.tools.incrementals:git-changelist-maven-extension](https://github.com/jenkinsci/incrementals-tools) from 1.7 to 1.8.
- [Release notes](https://github.com/jenkinsci/incrementals-tools/releases)
- [Commits](jenkinsci/incrementals-tools@parent-1.7...parent-1.8)

---
updated-dependencies:
- dependency-name: io.jenkins.tools.incrementals:git-changelist-maven-extension
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <[email protected]>
@dependabot
Bump org.jenkins-ci.plugins:plugin from 4.79 to 4.83
4a68ecf 
Bumps [org.jenkins-ci.plugins:plugin](https://github.com/jenkinsci/plugin-pom) from 4.79 to 4.83.
- [Release notes](https://github.com/jenkinsci/plugin-pom/releases)
- [Changelog](https://github.com/jenkinsci/plugin-pom/blob/master/CHANGELOG.md)
- [Commits](jenkinsci/plugin-pom@plugin-4.79...plugin-4.83)

---
updated-dependencies:
- dependency-name: org.jenkins-ci.plugins:plugin
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <[email protected]>
@dependabot
Bump org.apache.maven.plugins:maven-checkstyle-plugin
a17f41a 
Bumps [org.apache.maven.plugins:maven-checkstyle-plugin](https://github.com/apache/maven-checkstyle-plugin) from 3.3.1 to 3.4.0.
- [Commits](apache/maven-checkstyle-plugin@maven-checkstyle-plugin-3.3.1...maven-checkstyle-plugin-3.4.0)

---
updated-dependencies:
- dependency-name: org.apache.maven.plugins:maven-checkstyle-plugin
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <[email protected]>
@MarkEWaite
Merge branches 'dependabot/maven/master/org.jenkins-ci.plugins-plugin…
d037a91 
…-4.83', 'dependabot/maven/master/org.jenkins-ci.plugins-mailer-472.vf7c289a_4b_420', 'dependabot/maven/master/org.apache.maven.plugins-maven-checkstyle-plugin-3.4.0' and 'dependabot/maven/master/io.jenkins.tools.incrementals-git-changelist-maven-extension-1.8' into an-octopus
@MarkEWaite
Require Jenkins 2.452.4 or newer
867ad8d 
Jenkins 2.452.4 includes fixes for critical security vulnerabilities.

Jenkins 2.452.4 is one of the base Jenkins versions recommended in

* https://www.jenkins.io/doc/developer/plugin-development/choosing-jenkins-baseline/

As of the last plugin installation data (June 2024), Jenkins 2.440
already was the base installation for 65% of installations of this plugin.
Certainly that percentage is even higher now.
@MarkEWaite
Test with Java 21 and Java 17
244927b
@MarkEWaite MarkEWaite mentioned this pull request Nov 1, 2024
Closed
6 tasks
@MarkEWaite
Copy link
Contributor Author

@sboardwell I think that this pull request is a good starting point for the transition from acegi security to Spring Security.

@basil basil mentioned this pull request Nov 1, 2024
Merged
@basil basil closed this in #141 Nov 1, 2024
@MarkEWaite MarkEWaite deleted the an-octopus branch November 1, 2024 19:41
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers
No reviews
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
1 participant
@MarkEWaite