Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Bump promoted-builds optional dependency to 892.vd6219fc0a_efb #378

Merged
merged 6 commits into from
May 6, 2024
Merged

Bump promoted-builds optional dependency to 892.vd6219fc0a_efb #378

merged 6 commits into from
May 6, 2024

Commits on May 6, 2024

  1. Bump promoted-builds optional dependency to 892.vd6219fc0a_efb 

    892.vd6219fc0a_efb was released 2 years ago.  Over 50% of all
installations of the promoted builds plugin are already using
892.vd6219fc0a_efb or newer.  Those users will see no difference from
this change, since they are already using 892.vd6219fc0a_efb.

Recent Jenkins versions will display broken icons with
older versions of the promoted builds plugin.  Fixed in
jenkinsci/promoted-builds-plugin#170 as part
of 873.v6149db_d64130

https://stats.jenkins.io/pluginversions/promoted-builds.html shows that
892.vd6219fc0a_efb is the second most popular release.  It is second
only to the most recent release, 945.v597f5c6a_d3fd.

A step towards eventually upgrading the promoted-builds optional
dependency that is part of the git plugin.  Attempts to update that
optional dependency have shown consistent failures in the plugin bill
of materials.

* jenkinsci/bom#3170
* jenkinsci/bom#2809

Bumps [promoted-builds](https://github.com/jenkinsci/promoted-builds-plugin) from 3.11 to 892.vd6219fc0a_efb
- [Release notes](https://github.com/jenkinsci/promoted-builds-plugin/releases/tag/892.vd6219fc0a_efb)

Also removes unnecessary exclusions
    @dependabot @MarkEWaite
    dependabot[bot] authored and MarkEWaite committed May 6, 2024
    Configuration menu
    Copy the full SHA
    1e5915f View commit details
    Browse the repository at this point in the history

  2. Use parent pom 4.82 

    https://github.com/jenkinsci/plugin-pom/releases/tag/plugin-4.82
    @MarkEWaite
    MarkEWaite committed May 6, 2024
    Configuration menu
    Copy the full SHA
    eb6ae65 View commit details
    Browse the repository at this point in the history

  3. Require Jenkins 2.426.3 or newer 

    https://stats.jenkins.io/pluginversions/parameterized-trigger.html shows
that 80% of the installations of 787.v665fcf2a_830b_ release (6 months
old) are already running Jenkins 2.426.3.

https://www.jenkins.io/security/advisory/2024-01-24/#SECURITY-3314
advises users to upgrade to Jenkins 2.426.3 or newer to resolve a critical
security vulnerability.
    @MarkEWaite
    MarkEWaite committed May 6, 2024
    Configuration menu
    Copy the full SHA
    197a83a View commit details
    Browse the repository at this point in the history

  4. Merge branch 'master' into dependabot/maven/org.jenkins-ci.plugins-pr… 

    …omoted-builds-892.vd6219fc0a_efb
    @MarkEWaite
    MarkEWaite authored May 6, 2024
    Configuration menu
    Copy the full SHA
    0de2c84 View commit details
    Browse the repository at this point in the history

  5. Exclude promoted-builds from dependabot checks 

    jenkinsci/bom#3171 describes the issue.  The
promoted builds version needs to be kept the same in the git plugin
and in the paramaterized trigger plugin.  If they are not the same,
then tests will fail in the plugin bill of materials.
    @MarkEWaite
    MarkEWaite committed May 6, 2024
    Configuration menu
    Copy the full SHA
    c719a28 View commit details
    Browse the repository at this point in the history

  6. Merge branch 'master' into dependabot/maven/org.jenkins-ci.plugins-pr… 

    …omoted-builds-892.vd6219fc0a_efb
    @MarkEWaite
    MarkEWaite authored May 6, 2024
    Configuration menu
    Copy the full SHA
    df1df46 View commit details
    Browse the repository at this point in the history