Bump credentials from 2.6.1 to 2.6.2

[dependabot]

Bumps credentials from 2.6.1 to 2.6.2.

Release notes

Sourced from credentials's releases.

2.6.2

🚀 New features and improvements

• Add config as code support for credentials configuration (#235) @​timja
• JENKINS-66639 - adding explict jcasc symbol on CertificateCredentialImpl and UsernamePasswordCredentialsImpl classes (#227) @​aHenryJard
• feat: JENKINS-66699 - Exchange default PNGs with SVG icons (#230) @​NotMyFault

🐛 Bug fixes

• fix: Address post merge comment (Improvement of userpass.svg) (#236) @​NotMyFault

📦 Dependency updates

• Bump plugin from 4.27 to 4.29 (#239) @​dependabot
• Bump jruby-complete from 9.3.0.0 to 9.3.1.0 (#240) @​dependabot
• Bump xmlunit-matchers from 2.8.2 to 2.8.3 (#241) @​dependabot
• Bump cloudbees-folder from 6.15 to 6.16 (#233) @​dependabot
• Bump asciidoctorj from 2.5.1 to 2.5.2 (#234) @​dependabot
• Bump bom-2.222.x from 831.v9814430e6383 to 887.vae9c8ac09ff7 (#217) @​dependabot
• Bump git-changelist-maven-extension from 1.0-beta-7 to 1.2 (#218) @​dependabot
• Bump asciidoctor-maven-plugin from 2.1.0 to 2.2.1 (#222) @​dependabot
• Bump jruby-complete from 9.2.17.0 to 9.3.0.0 (#231) @​dependabot
• Bump plugin from 4.19 to 4.27 (#232) @​dependabot

👻 Maintenance

• Code improvements (#228) @​offa

🚦 Tests

• Enable JDK11 in Jenkinsfile (#238) @​aneveux

Commits

• See full diff in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot merge will merge this PR after your CI passes on it
• @dependabot squash and merge will squash and merge this PR after your CI passes on it
• @dependabot cancel merge will cancel a previously requested merge and block automerging
• @dependabot reopen will reopen this PR if it is closed
• @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
• @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

[KalleOlaviNiemitalo]

Please block this for a while. I have Credentials 2.6.1 installed on the latest Jenkins LTS 2.303.2 and the update center tells me that Credentials 2.6.2 is unavailable. The Jenkins minimum version was raised to 2.308 in jenkinsci/credentials-plugin#230 but there isn't yet any Jenkins LTS release that satisfies this requirement.

[jglick]

Use the plugin BOM instead.

[uhafner]

Use the plugin BOM instead.

Actually I am using the BOM. Seems that I forgot to remove some plugin versions that are in the BOM (or are now in the BOM since I upgraded to Jenkins BOM 2.289.1).

What also does not seem to work (or I am using it in the wrong way). The checks-api is defined in the BOM: https://github.com/jenkinsci/bom/blob/master/bom-weekly/pom.xml#L44-L54

This works for the normal dependency, but not for the test dependency:
ok: https://github.com/jenkinsci/warnings-ng-plugin/blob/master/plugin/pom.xml#L227
nok: https://github.com/jenkinsci/warnings-ng-plugin/blob/master/plugin/pom.xml#L399
For the test-jar I get a maven error:

[ERROR]   The project io.jenkins.plugins:warnings-ng:9.6.0-SNAPSHOT (/Users/hafner/Development/git/warnings-ng-plugin-devenv/warnings-ng-plugin/plugin/pom.xml) has 1 error
[ERROR]     'dependencies.dependency.version' for io.jenkins.plugins:checks-api:test-jar is missing. @ io.jenkins.plugins:warnings-ng:${revision}${changelist}, /Users/hafner/Development/git/warnings-ng-plugin-devenv/warnings-ng-plugin/plugin/pom.xml, line 395, column 17

Do need to reference the test-jar differently?

[jglick]

Use classifier not type and it should work.

BTW always press the Y key to get a permalink before pasting a source link into a discussion, or the URL will become meaningless when the file is next edited on that line or above.

[uhafner]

When I use classifier I get:

Downloading from central: https://repo1.maven.org/maven2/io/jenkins/plugins/checks-api/1.7.2/checks-api-1.7.2-test-jar.jar
Downloading from repo.jenkins-ci.org: https://repo.jenkins-ci.org/public/io/jenkins/plugins/checks-api/1.7.2/checks-api-1.7.2-test-jar.jar
Downloading from incrementals.jenkins-ci.org: https://repo.jenkins-ci.org/incrementals/io/jenkins/plugins/checks-api/1.7.2/checks-api-1.7.2-test-jar.jar
Downloading from incrementals: https://repo.jenkins-ci.org/incrementals/io/jenkins/plugins/checks-api/1.7.2/checks-api-1.7.2-test-jar.jar
[ERROR] Failed to execute goal on project warnings-ng: Could not resolve dependencies for project io.jenkins.plugins:warnings-ng:hpi:9.6.0-SNAPSHOT: Could not find artifact io.jenkins.plugins:checks-api:jar:test-jar:1.7.2 in central (https://repo1.maven.org/maven2) -> [Help 1]
[

[uhafner]

Ok I found it: I must use:

<classifier>tests</classifier>

[uhafner]

Superseded by #1084

I found a lot of versions that are now part of the BOM 🤦‍♂️

[dependabot]

OK, I won't notify you again about this release, but will get in touch when a new version is available. If you'd rather skip all updates until the next major or minor version, let me know by commenting @dependabot ignore this major version or @dependabot ignore this minor version. You can also ignore all major, minor, or patch releases for a dependency by adding an ignore condition with the desired update_types to your config file.

If you change your mind, just re-open this PR and I'll resolve any conflicts on it.