Thanks, Ullrich, I will have a look at that as soon as the "legal" stuff is settled. If the final result is that the plugin is redundant, a valid maintenance action could be to document this on the plugin's page and send it into retirement. We'll see.
Best regards, Daniel Am Di., 18. Jan. 2022 um 09:11 Uhr schrieb Ullrich Hafner <[email protected]>: > > And please note: > > Since a couple of releases an OWASP dependency check parser is part of the > warnings plugin as well > (https://github.com/jenkinsci/warnings-ng-plugin/blob/master/SUPPORTED-FORMATS.md). > So if you are just interested in showing the results of the analysis no > additional plugin is required anymore. And you do need to duplicate > development of mostly the same feature set (and you do not need to fix > security issues that have been fixed already in the warnings plugin). > > Ulli > > > Am 17.01.2022 um 22:33 schrieb kudos-dude <[email protected]>: > > > Hello, > > I would like to pass off the maintainer role. Please let me know if you > require anything additional to complete the process. > On Monday, January 17, 2022 at 3:35:08 PM UTC-5 [email protected] wrote: >> >> Hi Jean-Marc, >> >> I understood that "kudos-dude" (who wrote here on 10 November that he can no >> longer be maintainer) is the same person as "Wes" (see the last previous >> mail by "kudos-dude" and also the Jira profile: >> https://issues.jenkins.io/secure/ViewProfile.jspa?name=kudos_dude). >> >> Nonetheless, he filed an issue 4 December asking for the security warning to >> be removed, because it is fixed in the newest version: >> https://issues.jenkins.io/browse/JENKINS-67321 >> >> I do not yet know what the process is to handle this issue, but it seems to >> be pretty clear that kudos-dude/Wes does not see himself in the >> maintainer-role any longer. I'll write to his e-mail address listed on Jira >> anyway to confirm that once more. >> >> Best regards, >> Daniel >> >> Jean-Marc Meessen schrieb am Montag, 17. Januar 2022 um 21:02:21 UTC+1: >>> >>> Hello Daniel, >>> >>> Thank you for your interest in maintaining this plugin. >>> >>> The situation of that plugin is a little blurry right now: there was a >>> recent adoption request by Wes that has been approved. But the plugin is >>> still marked for adoption. Did Wes forget to remove the flag or did he give >>> up after a couple of weeks? >>> >>> Could you please reach out to him to assess the exact situation and come >>> back to this group? Hint: look at the git log for the email. >>> >>> Apparently, this plugin needs some love and attention: there is an XSS >>> vulnerability detected on it. >>> >>> /- Jmm >>> >>> Le lun. 17 janv. 2022 à 19:08, Daniel Warmuth <[email protected]> a >>> écrit : >>>> >>>> Hi, >>>> >>>> I'd like to become maintainer of this plugin >>>> (https://plugins.jenkins.io/dependency-check-jenkins-plugin/). I >>>> understand that Wes (kudos-dude) can no longer be maintainer and is >>>> looking for someone to take over. >>>> >>>> My GitHub username is "danile42" and my Jenkins infrastructure account id >>>> is also "danile42". >>>> >>>> I do not have pull requests open, but work at a company that wants to use >>>> this plugin - therefore, I have a special interest and time available to >>>> do maintenance work. >>>> >>>> Please let me know how we can proceed. >>>> >>>> Best regards, >>>> Daniel >>>> >>>> Jean-Marc Meessen schrieb am Samstag, 18. Dezember 2021 um 21:43:03 UTC+1: >>>>> >>>>> Hello Wes, >>>>> >>>>> Thank you for adopting this plugin. >>>>> >>>>> I am working with Mark Waites and a couple of others on various >>>>> initiatives to improve the contributors and maintainers experience >>>>> (especially newcomers). >>>>> >>>>> It is in that context that I believe that it would be great if we could >>>>> we discuss your experience by mail of even is a short call (if time zones >>>>> are favorable). I'd like to know things, among others, like: >>>>> >>>>> was the adoption successful? >>>>> what were the friction points? >>>>> Did you get (or needed) help? In what form? >>>>> what were your motives for adoption? >>>>> what is your previous experience as Jenkins/OSS contributor and in java >>>>> dev? >>>>> .... >>>>> >>>>> If interested to share your experience, you can contact me at >>>>> [email protected]. >>>>> >>>>> /- Jmm >>>>> Jean-Marc Meessen >>>>> Brussels, Belgium >>>>> >>>>> Le jeudi 11 novembre 2021 à 21:36:50 UTC+1, kudos-dude a écrit : >>>>>> >>>>>> I want to apologize for the tone in my original post. Just feeling a bit >>>>>> overwhelmed at the moment. >>>>>> >>>>>> The plugin on Github still contains the `adopt-this-plugin` tag and the >>>>>> "Seeking a new maintainer" section. >>>>>> >>>>>> https://github.com/jenkinsci/dependency-check-plugin >>>>>> >>>>>> Please let me know if there is anything else I need to do. >>>>>> >>>>>> Wes >>>>>> On Thursday, November 11, 2021 at 9:10:37 AM UTC-5 [email protected] >>>>>> wrote: >>>>>>> >>>>>>> As a side note for this plugin: if someone is willing to refactor the >>>>>>> existing parser so that it rather writes the output to the object model >>>>>>> of the analysis-model plugin then we simply can integrate it into the >>>>>>> parser collections of the warnings plugin. Then the whole OWASP >>>>>>> Dependency Check plugin will become obsolete and the visualization will >>>>>>> be automatically improved while the warnings plugin is improving. >>>>>>> >>>>>>> Am 10.11.2021 um 22:04 schrieb Mark Waite <[email protected]>: >>>>>>> >>>>>>> Thanks for adopting it in April. >>>>>>> >>>>>>> The easiest way to list it as "Seeking a new maintainer" is to place a >>>>>>> topic on the GitHub repository "adopt-this-plugin". Refer to the >>>>>>> https://github.com/jenkinsci/run-condition-plugin and the >>>>>>> "adopt-this-plugin" topic that is assigned towards the upper right >>>>>>> corner of the list of files >>>>>>> >>>>>>> >>>>>>> >>>>>>> On Wednesday, November 10, 2021 at 1:49:45 PM UTC-7 kudos-dude wrote: >>>>>>>> >>>>>>>> I adopted this plugin back in April, but my circumstances have changed. >>>>>>>> >>>>>>>> I need to formally place this plugin back into a "Seeking a new >>>>>>>> maintainer" state. I believe that there was interest in the recent >>>>>>>> past looking to adopt the plugin, which I did at that stage state I >>>>>>>> was placing the plugin up for adoption again and was willing to >>>>>>>> transfer ownership. The conversation did not progress and I still own >>>>>>>> it as a result. >>>>>>>> >>>>>>>> I have since received communication about additional work required for >>>>>>>> the plugin, but as stated above, I simply don't have time. I'd go into >>>>>>>> the reasons why, but this isn't my personal blog, so I'll spare the >>>>>>>> details. >>>>>>>> >>>>>>>> I don't know what the official requirements are for making this >>>>>>>> concrete, so I ask any officials within this forum to please take this >>>>>>>> request across the finish line. >>>>>>> >>>>>>> >>>>>>> -- >>>>>>> You received this message because you are subscribed to the Google >>>>>>> Groups "Jenkins Developers" group. >>>>>>> To unsubscribe from this group and stop receiving emails from it, send >>>>>>> an email to [email protected]. >>>>>>> To view this discussion on the web visit >>>>>>> https://groups.google.com/d/msgid/jenkinsci-dev/39e632a3-0462-4b12-b7b2-dd287526f965n%40googlegroups.com. >>>>>>> <screencapture-github-jenkinsci-run-condition-plugin-2021-11-10-14_02_46-edit.png> >>>>>>> >>>>>>> >>>> >>>> -- >>>> >>>> You received this message because you are subscribed to a topic in the >>>> Google Groups "Jenkins Developers" group. >>>> To unsubscribe from this topic, visit >>>> https://groups.google.com/d/topic/jenkinsci-dev/QxWAgJb4oyg/unsubscribe. >>>> To unsubscribe from this group and all its topics, send an email to >>>> [email protected]. >>>> To view this discussion on the web visit >>>> https://groups.google.com/d/msgid/jenkinsci-dev/eb4c42fa-d12d-4f55-a76e-5090577aed0en%40googlegroups.com. > > > -- > You received this message because you are subscribed to the Google Groups > "Jenkins Developers" group. > To unsubscribe from this group and stop receiving emails from it, send an > email to [email protected]. > To view this discussion on the web visit > https://groups.google.com/d/msgid/jenkinsci-dev/1c913067-7de7-4e03-b72d-45ac52f43df0n%40googlegroups.com. > > > -- > You received this message because you are subscribed to a topic in the Google > Groups "Jenkins Developers" group. > To unsubscribe from this topic, visit > https://groups.google.com/d/topic/jenkinsci-dev/QxWAgJb4oyg/unsubscribe. > To unsubscribe from this group and all its topics, send an email to > [email protected]. > To view this discussion on the web visit > https://groups.google.com/d/msgid/jenkinsci-dev/F3994220-C390-4B91-B424-268B36A5F6D2%40gmail.com. -- You received this message because you are subscribed to the Google Groups "Jenkins Developers" group. To unsubscribe from this group and stop receiving emails from it, send an email to [email protected]. To view this discussion on the web visit https://groups.google.com/d/msgid/jenkinsci-dev/CACUR2MV3weGnQnV1J3WOcRyT9y8XPfWux3%2BPtvXgosA2oSfjOA%40mail.gmail.com.
