10

📦 Dependency updates

• Bump configuration-as-code-plugin.version from 1.36 to 1.41 (#225) @dependabot
• Bump cloudbees-folder from 6.12 to 6.13 (#247) @dependabot
• Bump trilead-api from 1.0.6 to 1.0.8 (#246) @dependabot
• Bump ansicolor from 0.6.3 to 0.7.0 (#243) @dependabot
• Bump script-security from 1.72 to 1.73 (#245) @dependabot
• Bump jenkins from 1.55 to 1.56 (#242) @dependabot
• Bump plugin from 4.1 to 4.2 (#241) @dependabot
• Bump credentials-binding from 1.22 to 1.23 (#237) @dependabot
• Bump script-security from 1.71 to 1.72 (#239) @dependabot
• Bump junit from 1.28 to 1.29 (#236) @dependabot
• Bump workflow-job from 2.38 to 2.39 (#235) @dependabot
• Bump plugin from 4.0 to 4.1 (#232) @dependabot
• Bump credentials-binding from 1.21 to 1.22 (#233) @dependabot
• Bump workflow-basic-steps from 2.19 to 2.20 (#234) @dependabot
• Bump timestamper from 1.11.2 to 1.11.3 (#230) @dependabot
• Bump workflow-scm-step from 2.9 to 2.11 (#178) @dependabot
• Bump branch-api from 2.5.5 to 2.5.6 (#229) @dependabot
• Bump credentials from 2.3.6 to 2.3.7 (#227) @dependabot
• Bump jenkins from 1.54 to 1.55 (#228) @dependabot
• Update to 4.0 parent pom (#226) @timja
• Bump credentials from 2.3.5 to 2.3.6 (#224) @dependabot
• Bump timestamper from 1.10 to 1.11.2 (#206) @dependabot

📝 Documentation updates

• README: Update title to be explicit that this BOM is for plugins (#231) @oleg-nenashev

9

🚨 Removed

• Add 2.222.x & 2.204.x, remove 2.150.x (#222) @timja & @jglick

8

📦 Dependency updates

• Bump cloudbees-folder from 6.11.1 to 6.12 (#221) @dependabot
• Bump trilead-api from 1.0.5 to 1.0.6 (#220) @dependabot
• Bump ssh-slaves from 1.30.4 to 1.31.2 (#215) @dependabot

7

🚀 New features and improvements

• Adding 2.190.x line (#110) @jglick & @timja

📦 Dependency updates

• Bump pipeline-build-step from 2.11 to 2.12 (#219) @dependabot
• Bump mailer from 1.30 to 1.32 (#218) @dependabot
• Bump durable-task from 1.33 to 1.34 (#216) @dependabot
• Bump script-security from 1.68 to 1.71 (#204) @dependabot
• Bump ansicolor from 0.6.2 to 0.6.3 (#194) @dependabot
• Bump workflow-job from 2.36 to 2.38 (#212) @dependabot
• Bump credentials-binding from 1.20 to 1.21 (#192) @dependabot
• Bump git-client from 3.0.0 to 3.2.1 (#208) @dependabot
• Bump credentials from 2.3.0 to 2.3.5 (#211) @dependabot
• Bump configuration-as-code from 1.34 to 1.35 (#172) @timja

👻 Maintenance

• Flaky CI builds (#213) @jglick

6

📦 Dependency updates

• Bump token-macro from 2.10 to 2.12 (#201) @dependabot
• Bump workflow-api from 2.39 to 2.40 (#196) @dependabot
• Bump workflow-cps from 2.78 to 2.80 (#190) @dependabot
• Bump workflow-api from 2.38 to 2.39 (#186) @dependabot
• Bump jenkins from 1.53 to 1.54 (#173) @dependabot
• Bump workflow-support from 3.3 to 3.4 (#169) @dependabot
• Bump plain-credentials from 1.5 to 1.6 (#182) @dependabot
• Bump pipeline-build-step from 2.9 to 2.11 (#160) @dependabot
• Bump workflow-basic-steps from 2.18 to 2.19 (#155) @dependabot
• Bump workflow-api from 2.37 to 2.38 (#159) @dependabot
• Bump branch-api from 2.5.4 to 2.5.5 (#158) @dependabot
• Bump workflow-cps from 2.76 to 2.78 (#152) @dependabot
• Bump git-server from 1.8 to 1.9 (#153) @dependabot
• Bump command-launcher from 1.3 to 1.4 (#154) @dependabot
• Bump configuration-as-code from 1.33 to 1.34 (#156) @dependabot
• Bump cloudbees-folder from 6.9 to 6.10.1 (#157) @dependabot
• Bump jenkins from 1.52 to 1.53 (#151) @dependabot

👻 Maintenance

• Read failFast from a file (#180) @jglick
• Bump up PCT (#163) @jglick
• Bump groovy-all from 2.4.18 to 2.4.19 (#203) @dependabot
• Bump groovy-all from 2.4.17 to 2.4.18 (#165) @dependabot

5

🚨 Removed

• Removed 2.138.x line (#147) @jglick

📦 Dependency updates

• Bump jdk-tool from 1.3 to 1.4 (#143) @dependabot
• Bump workflow-step-api from 2.20 to 2.22 (#149) @dependabot
• Bump workflow-durable-task-step from 2.34 to 2.35 (#136) @dependabot
• Bump script-security from 1.67 to 1.68 (#142) @dependabot
• Bump plugin from 3.53 to 3.55 (#146) @dependabot
• Bump git from 3.12.1 to 4.0.0 and git-client from 2.8.6 to 3.0.0 (#134) @dependabot
• Bump configuration-as-code from 1.32 to 1.33 (#141) @dependabot
• Bump plugin from 3.51 to 3.53 (#140) @dependabot
• Bump script-security from 1.66 to 1.67 (#138) @dependabot

👻 Maintenance

• Suppressing ConfigurationAsCodeTest failures (#150) @jglick

🚦 Tests

• GitAPITestCase.test_addSubmodule fails in PCT (#148) @jglick

4

📦 Dependency updates

• Bump workflow-cps from 2.75 to 2.76 (#137) @dependabot
• Bump apache-httpcomponents-client-4-api from 4.5.10-1.0 to 4.5.10-2.0 (#120) @dependabot
• Bump token-macro from 2.9 to 2.10 (#126) @dependabot
• Bump plugin from 3.50 to 3.51 (#128) @dependabot
• Bump workflow-job from 2.35 to 2.36 (#135) @dependabot
• Bump workflow-cps from 2.74 to 2.75 (#133) @dependabot
• Bump token-macro from 2.8 to 2.9 (#125) @dependabot
• Bump configuration-as-code from 1.30 to 1.32 (#121) @dependabot
• Bump mailer from 1.28 to 1.29 (#117) @dependabot
• Bump script-security from 1.64 to 1.66 (#114) @dependabot
• Bump ssh-credentials from 1.17.2 to 1.17.3 (#108) @dependabot

👻 Maintenance

• add timeout (#123) @Casz
• Update Plugin Compatibility Tester from 0.2.1 to 0.3.0 (#118) @oleg-nenashev
• Need a different way of enumerating lines when the latest is in a new directory name (#113) @jglick
• Generic file path for latest BOM to reduce merge conflicts (#112) @jglick

3

The BOMs for all Jenkins LTS lines are now released simultaneously, with new artifact IDs. If you had previously imported (say) io.jenkins.tools.bom:bom:2.150.1, you should now import io.jenkins.tools.bom:bom-2.150.x:3. See jenkinsci/build-token-root-plugin#30 for an example.

💥 Breaking changes

• JENKINS-58770 - Manage all BOM lines in one Git branch (#107) @jglick

2.176.4

🚀 New features and improvements

• add configuration-as-code plugin to Bill of Material (#78) @Casz
• Add pipeline-build-step to the managed set (#97) @basil
• Add pipeline-input-step to the managed set (#98) @basil

📦 Dependency updates

• Bump mailer from 1.27 to 1.28 (#106) @dependabot
• Bump plugin from 3.49 to 3.50 (#105) @dependabot
• Bump script-security from 1.62 to 1.64 (#104) @dependabot
• Bump apache-httpcomponents-client-4-api from 4.5.5-3.0 to 4.5.10-1.0 (#103) @dependabot
• Bump ssh-slaves from 1.30.1 to 1.30.2 (#101) @dependabot
• Bump git-client from 2.8.4 to 2.8.6 (#102) @dependabot
• Bump mailer from 1.26 to 1.27 (#93) @dependabot
• Bump ssh-credentials from 1.17.1 to 1.17.2 (#91) @dependabot
• Bump workflow-job from 2.34 to 2.35 (#90) @dependabot
• Bump workflow-durable-task-step from 2.33 to 2.34 (#89) @basil
• Bump git from 3.12.0 to 3.12.1 (#88) @dependabot
• Bump git-client from 2.8.2 to 2.8.4 (#87) @dependabot
• Bump mailer from 1.25 to 1.26 (#86) @dependabot
• Bump mailer from 1.24 to 1.25 (#85) @dependabot
• Bump workflow-cps from 2.73 to 2.74 (#83) @dependabot
• Bump workflow-api from 2.36 to 2.37 (#84) @dependabot

👻 Maintenance

• Plugin Compatibility Tester 0.2.0 (#94) @jglick

2.164.2

See 2.176.3.