Re: How to re-sync credentials for publishing plugin updates?

2021-12-13 Thread 'Gavin Mogan' via Jenkins Developers 
https://www.jenkins.io/doc/developer/publishing/releasing-cd/

On Mon, Dec 13, 2021 at 1:25 PM Matt Sicker  wrote:

> The CD approach sounds good. I’ll look into that, thanks.
>
> —
> Matt Sicker
>
> On Dec 13, 2021, at 15:13, 'Gavin Mogan' via Jenkins Developers <
> jenkinsci-dev@googlegroups.com> wrote:
>
> 
> You shouldn't need to sync anything. Unless you're talking about syncing
> artifactory and maven.
>
> I don't think you can currently log into artifactory to pull down your
> credentials while the account services are down
>
> You can enable cd like the other threads mention though
>
> On Mon., Dec. 13, 2021, 12:55 p.m. Matt Sicker,  wrote:
>
>> Hey all, I was wondering what I needed to do to re-sync my credentials
>> for publishing plugins, especially after changing my password? I’d like to
>> cut a release of a plugin affected by CVE-2021-44228 (log4j-core).
>> --
>> Matt Sicker
>>
>> --
>> You received this message because you are subscribed to the Google Groups
>> "Jenkins Developers" group.
>> To unsubscribe from this group and stop receiving emails from it, send an
>> email to jenkinsci-dev+unsubscr...@googlegroups.com.
>> To view this discussion on the web visit
>> https://groups.google.com/d/msgid/jenkinsci-dev/37B7F059-E4C4-4697-8B5C-E85157943CE6%40gmail.com
>> .
>>
> --
> You received this message because you are subscribed to the Google Groups
> "Jenkins Developers" group.
> To unsubscribe from this group and stop receiving emails from it, send an
> email to jenkinsci-dev+unsubscr...@googlegroups.com.
> To view this discussion on the web visit
> https://groups.google.com/d/msgid/jenkinsci-dev/CAG%3D_DutsFPDuOBHcEuM9h1S3CKkodkSo0ZpBWMgAK%3D8hv5AMqA%40mail.gmail.com
> 
> .
>
> --
> You received this message because you are subscribed to the Google Groups
> "Jenkins Developers" group.
> To unsubscribe from this group and stop receiving emails from it, send an
> email to jenkinsci-dev+unsubscr...@googlegroups.com.
> To view this discussion on the web visit
> https://groups.google.com/d/msgid/jenkinsci-dev/C5DE29C6-DFDB-4B41-9E53-17C4C0B2A702%40gmail.com
> 
> .
>

-- 
You received this message because you are subscribed to the Google Groups 
"Jenkins Developers" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to jenkinsci-dev+unsubscr...@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/jenkinsci-dev/CAG%3D_DuurB2Vu3dHkdgCwzE%2BQ0Ykz5WEZk6ZnNNEzvAu27eqxmQ%40mail.gmail.com.

Re: Feedback on some analysis I'm doing

2021-12-13 Thread 'Jesse Glick' via Jenkins Developers 
On Mon, Dec 13, 2021 at 1:35 PM 'rsomas...@netflix.com' via Jenkins
Developers  wrote:

> That suggests that Jenkins Core would prefer plugins to use slf4j-api. If
> that's the case, all plugins that depend on jenkins-core should use
> slf4j-api
>

No, Jenkins core uses java.util.logging, and the great majority of plugins
do the same. slf4j-api is just there for a handful of third-party
components that require it.

-- 
You received this message because you are subscribed to the Google Groups 
"Jenkins Developers" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to jenkinsci-dev+unsubscr...@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/jenkinsci-dev/CANfRfr1WANeOCRig%3DWGYwCAVHw8cnv8D-UTudnF%3D7kUPQ%2BW-QA%40mail.gmail.com.

Re: How to re-sync credentials for publishing plugin updates?

2021-12-13 Thread Matt Sicker 
The CD approach sounds good. I’ll look into that, thanks.

—
Matt Sicker

> On Dec 13, 2021, at 15:13, 'Gavin Mogan' via Jenkins Developers 
>  wrote:
> 
> 
> You shouldn't need to sync anything. Unless you're talking about syncing 
> artifactory and maven.
> 
> I don't think you can currently log into artifactory to pull down your 
> credentials while the account services are down
> 
> You can enable cd like the other threads mention though
> 
>> On Mon., Dec. 13, 2021, 12:55 p.m. Matt Sicker,  wrote:
>> Hey all, I was wondering what I needed to do to re-sync my credentials for 
>> publishing plugins, especially after changing my password? I’d like to cut a 
>> release of a plugin affected by CVE-2021-44228 (log4j-core).
>> --
>> Matt Sicker
>> 
>> -- 
>> You received this message because you are subscribed to the Google Groups 
>> "Jenkins Developers" group.
>> To unsubscribe from this group and stop receiving emails from it, send an 
>> email to jenkinsci-dev+unsubscr...@googlegroups.com.
>> To view this discussion on the web visit 
>> https://groups.google.com/d/msgid/jenkinsci-dev/37B7F059-E4C4-4697-8B5C-E85157943CE6%40gmail.com.
> 
> -- 
> You received this message because you are subscribed to the Google Groups 
> "Jenkins Developers" group.
> To unsubscribe from this group and stop receiving emails from it, send an 
> email to jenkinsci-dev+unsubscr...@googlegroups.com.
> To view this discussion on the web visit 
> https://groups.google.com/d/msgid/jenkinsci-dev/CAG%3D_DutsFPDuOBHcEuM9h1S3CKkodkSo0ZpBWMgAK%3D8hv5AMqA%40mail.gmail.com.

-- 
You received this message because you are subscribed to the Google Groups 
"Jenkins Developers" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to jenkinsci-dev+unsubscr...@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/jenkinsci-dev/C5DE29C6-DFDB-4B41-9E53-17C4C0B2A702%40gmail.com.

Re: How to re-sync credentials for publishing plugin updates?

2021-12-13 Thread 'Gavin Mogan' via Jenkins Developers 
You shouldn't need to sync anything. Unless you're talking about syncing
artifactory and maven.

I don't think you can currently log into artifactory to pull down your
credentials while the account services are down

You can enable cd like the other threads mention though

On Mon., Dec. 13, 2021, 12:55 p.m. Matt Sicker,  wrote:

> Hey all, I was wondering what I needed to do to re-sync my credentials for
> publishing plugins, especially after changing my password? I’d like to cut
> a release of a plugin affected by CVE-2021-44228 (log4j-core).
> --
> Matt Sicker
>
> --
> You received this message because you are subscribed to the Google Groups
> "Jenkins Developers" group.
> To unsubscribe from this group and stop receiving emails from it, send an
> email to jenkinsci-dev+unsubscr...@googlegroups.com.
> To view this discussion on the web visit
> https://groups.google.com/d/msgid/jenkinsci-dev/37B7F059-E4C4-4697-8B5C-E85157943CE6%40gmail.com
> .
>

-- 
You received this message because you are subscribed to the Google Groups 
"Jenkins Developers" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to jenkinsci-dev+unsubscr...@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/jenkinsci-dev/CAG%3D_DutsFPDuOBHcEuM9h1S3CKkodkSo0ZpBWMgAK%3D8hv5AMqA%40mail.gmail.com.

How to re-sync credentials for publishing plugin updates?

2021-12-13 Thread Matt Sicker 
Hey all, I was wondering what I needed to do to re-sync my credentials for 
publishing plugins, especially after changing my password? I’d like to cut a 
release of a plugin affected by CVE-2021-44228 (log4j-core).
--
Matt Sicker

-- 
You received this message because you are subscribed to the Google Groups 
"Jenkins Developers" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to jenkinsci-dev+unsubscr...@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/jenkinsci-dev/37B7F059-E4C4-4697-8B5C-E85157943CE6%40gmail.com.

Re: Feedback on some analysis I'm doing

2021-12-13 Thread Matt Sicker 
Note that some plugins (like audit-log) use log4j-api due to slf4j-api
not supporting non-String messages (e.g., audit log structured data
messages, syslog metadata, etc.). Promoting logging APIs to an API
plugin may require some care in implementation. Also, Jenkins' UI for
recording and viewing logs is currently tied to the java.util.logging
API, not SLF4J or Log4j2, so if logging is further consolidated, that
may also need to be updated.

On Mon, Dec 13, 2021 at 1:48 PM Basil Crow  wrote:
>
> On Mon, Dec 13, 2021 at 11:22 AM 'rsomas...@netflix.com' via Jenkins
> Developers  wrote:
> >
> > While sometimes […] it is about security […]
> > Other times, it's mostly about reducing redundant libraries […]
>
> Indeed.
>
> > Other common libraries are
> > com.google.code.gson  gson  2.8.5   45
>
> Ought to be made into an API plugin I think.
>
> > org.apache.commonscommons-lang3 3.4 33
>
> Ditto.
>
> On Mon, Dec 13, 2021 at 10:35 AM 'rsomas...@netflix.com' via Jenkins
> Developers  wrote:
> >
> > The maven-hpi-plugin could do some linting of the plugins
>
> Would certainly be nice to issue warnings to plugin developers
> directing them to use API plugins when possible. Another common
> mistake I have seen is mistakenly bundling test libraries in
> production, which in some cases results in memory leaks that can take
> down a controller (cf. JENKINS-65650 and JENKINS-65771).
>
> > only get it as a transitive from the provided dependency on jenkins-core
>
> Might be interesting to look into avoiding the bundling of
> dependencies that are provided by Jenkins core. These are unused at
> runtime: 
> https://github.com/jenkinsci/jenkins/blob/165d559469c7a58af581931bd1b89e5b9ed4a9af/core/src/main/java/hudson/ClassicPluginStrategy.java#L247
>
> --
> You received this message because you are subscribed to the Google Groups 
> "Jenkins Developers" group.
> To unsubscribe from this group and stop receiving emails from it, send an 
> email to jenkinsci-dev+unsubscr...@googlegroups.com.
> To view this discussion on the web visit 
> https://groups.google.com/d/msgid/jenkinsci-dev/CAFwNDjoGO%3DrHhqttnUJ_--eLq_BE2qq%3DXNnvi8FK_fkJfXgFEg%40mail.gmail.com.

-- 
You received this message because you are subscribed to the Google Groups 
"Jenkins Developers" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to jenkinsci-dev+unsubscr...@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/jenkinsci-dev/CACmp6krmvcr6K%3DM5jqt3LYbtZJv8AyuSWohUfn25%2BEXnyOmXSg%40mail.gmail.com.

Re: Feedback on some analysis I'm doing

2021-12-13 Thread Basil Crow 
On Mon, Dec 13, 2021 at 11:22 AM 'rsomas...@netflix.com' via Jenkins
Developers  wrote:
>
> While sometimes […] it is about security […]
> Other times, it's mostly about reducing redundant libraries […]

Indeed.

> Other common libraries are
> com.google.code.gson  gson  2.8.5   45

Ought to be made into an API plugin I think.

> org.apache.commonscommons-lang3 3.4 33

Ditto.

On Mon, Dec 13, 2021 at 10:35 AM 'rsomas...@netflix.com' via Jenkins
Developers  wrote:
>
> The maven-hpi-plugin could do some linting of the plugins

Would certainly be nice to issue warnings to plugin developers
directing them to use API plugins when possible. Another common
mistake I have seen is mistakenly bundling test libraries in
production, which in some cases results in memory leaks that can take
down a controller (cf. JENKINS-65650 and JENKINS-65771).

> only get it as a transitive from the provided dependency on jenkins-core

Might be interesting to look into avoiding the bundling of
dependencies that are provided by Jenkins core. These are unused at
runtime: 
https://github.com/jenkinsci/jenkins/blob/165d559469c7a58af581931bd1b89e5b9ed4a9af/core/src/main/java/hudson/ClassicPluginStrategy.java#L247

-- 
You received this message because you are subscribed to the Google Groups 
"Jenkins Developers" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to jenkinsci-dev+unsubscr...@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/jenkinsci-dev/CAFwNDjoGO%3DrHhqttnUJ_--eLq_BE2qq%3DXNnvi8FK_fkJfXgFEg%40mail.gmail.com.

Re: Feedback on some analysis I'm doing

2021-12-13 Thread 'rsomas...@netflix.com' via Jenkins Developers 
While sometimes (like log4j-core) it is about security and owasp can help.
Other times, it's mostly about reducing redundant libraries - like 
slf4j-api or log4j-api.

Other common libraries are

❯ csvsql "SELECT jarGroupId, jarArtifactId, jarVersion, count(*) as CT
FROM plugin-jars.csv
GROUP BY jarGroupId, jarArtifactId, jarVersion
ORDER BY CT DESC
LIMIT 20
"
jarGroupIdjarArtifactId jarVersion  CT
344
commons-codec commons-codec 1.9 75
com.google.code.findbugs  jsr3053.0.2   62
org.apache.httpcomponents httpcore  4.4.13  58
com.github.stephenc.findbugs  findbugs-annotations  1.3.9-1 56
org.slf4j slf4j-api 1.7.30  48
com.google.code.gson  gson  2.8.5   45
org.apache.httpcomponents httpclient4.5.13  44
org.apache.httpcomponents httpclient4.5.2   42
com.google.code.findbugs  jsr3051.3.9   41
org.apache.httpcomponents httpcore  4.4.4   41
commons-codec commons-codec 1.1040
commons-codec commons-codec 1.1138
com.google.code.gson  gson  2.8.6   37
commons-iocommons-io2.4 35
commons-lang  commons-lang  2.6 35
org.apache.commonscommons-lang3 3.7 34
commons-httpclientcommons-httpclient3.1 33
org.apache.commonscommons-lang3 3.4 33
com.fasterxml.jackson.corejackson-annotations   2.9.0   31

Some of these are already part of jenkins-core. E.g. commons-codec, 
commons-io, commons-httpclient, etc.

On Monday, December 13, 2021 at 11:00:19 AM UTC-8 m...@basilcrow.com wrote:

> Might be interesting to look into adding something like OWASP 
> Dependency-Check  to the 
> parent 
> POM  and plugin parent POM 
> , with suppressions for existing 
> false positives 
> . 
> We could start by adding warnings to the build and then later upgrade those 
> warnings to errors once we feel confident that most false positives have 
> been suppressed.
>

-- 
You received this message because you are subscribed to the Google Groups 
"Jenkins Developers" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to jenkinsci-dev+unsubscr...@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/jenkinsci-dev/5e4da21f-8617-492f-8378-d902bbd6c168n%40googlegroups.com.

Re: Feedback on some analysis I'm doing

2021-12-13 Thread Basil Crow 
Might be interesting to look into adding something like OWASP
Dependency-Check  to the parent
POM  and plugin parent POM
, with suppressions for existing
false positives
. We
could start by adding warnings to the build and then later upgrade those
warnings to errors once we feel confident that most false positives have
been suppressed.

-- 
You received this message because you are subscribed to the Google Groups 
"Jenkins Developers" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to jenkinsci-dev+unsubscr...@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/jenkinsci-dev/CAFwNDjrRMVod1mNQyFvu3-RM2PUop7DbSKmMkQdsmJjQ349zvw%40mail.gmail.com.

Re: Adoption request for "sonar-gerrit" plugin

2021-12-13 Thread 'Gavin Mogan' via Jenkins Developers 
Passwords got reset a couple months ago
account service is down so you can't reset your credentials till it comes
back up, they are confirming log4j free

Gavin

On Mon, Dec 13, 2021 at 9:46 AM 'Réda Housni Alaoui' via Jenkins Developers
 wrote:

> Me again :)
>
> I can't authenticate to https://repo.jenkins-ci.org/ui/login/ with my
> Jenkins credentials.
> Did I do something wrong?
>
> Best regards
>
> On December 12, 2021, "Réda Housni Alaoui"  wrote:
>
> Whatever you did worked !
>
> Thank you
>
> On December 12, 2021, Jenkins Developers 
> wrote:
>
> Weird, why did i merge
> https://github.com/jenkins-infra/repository-permissions-updater/pull/2210
> when the template wasn't filled out.
> We never gave you github access, the template has a field to indicate if
> you need github access as well.
> I'll run it now.
> Gavin
>
>
> On Sun, Dec 12, 2021 at 5:14 AM 'Réda Housni Alaoui' via Jenkins
> Developers  wrote:
>
> Hi Mark,
>>
>> I just tried to push to the adopted repository and it fails with:
>>
>> ERROR: Permission to jenkinsci/sonar-gerrit-plugin.git denied to
>> reda-alaoui. fatal: Could not read from remote repository. Please make sure
>> you have the correct access rights and the repository exists.
>>
>> I first thought it was because I provided my jenkinsci username instead
>> of my github username in the PR.
>> But given
>> https://github.com/jenkins-infra/repository-permissions-updater/pull/2243/checks?check_run_id=4497955598,
>> I came to the conclusion that is was not culprit.
>>
>> Can you help me with this please?
>>
>> Best regards
>>
>> Le dimanche 28 novembre 2021 à 20:13:14 UTC+1, Mark Waite a écrit :
>>
>>> Please submit a pull request to the repository permissions updater
>>> repository
>>>  that
>>> proposes to make you a maintainer of that plugin.
>>>
>>> On Sun, Nov 28, 2021 at 12:06 PM 'Réda Housni Alaoui' via Jenkins
>>> Developers  wrote:
>>>
 Hello,

 So 2 weeks have passed. What's the next step? :)

 Le dimanche 14 novembre 2021 à 12:59:07 UTC+1, Mark Waite a écrit :

> +1 from me for the adoption.  Since the referenced request was not a
> specific request to adopt the plugin, I think we should start the two week
> timer for the adoption request and complete the adoption in two weeks.
>
> On Sunday, November 14, 2021 at 4:55:55 AM UTC-7 reda-...@hey.com
> wrote:
>
>> Hello Mark,
>>
>> Yes I am.
>>
>> On November 14, 2021, Mark Waite  wrote:
>>
>> Thanks for your interest in adopting the plugin.  That plugin has a
>> known security vulnerability as described at
>> https://www.jenkins.io/security/advisory/2019-10-23/#SECURITY-1003
>> .  That vulnerability would need to be fixed in addition to the merge of
>> the pull request that you're proposing.
>>
>> Would you also be willing to fix that vulnerability by modifying the
>> plugin to use Jenkins credentials?
>>
>> Mark Waite
>>
>> On Sunday, November 14, 2021 at 3:53:17 AM UTC-7 Réda Housni Alaoui
>> wrote:
>>>
>>> Hi everyone,
>>>
>>> I'd like to adopt https://plugins.jenkins.io/sonar-gerrit/ for the
>>> following reasons:
>>>
>>>- the plugin hasn't seen any release for 2 years
>>>- since the last Sonarqube LTS version, the plugin needs
>>>https://github.com/jenkinsci/sonar-gerrit-plugin/pull/38. The PR
>>>has been opened for 1 year without any reaction from the maintainer
>>>https://github.com/aquarellian
>>>- the maintainer does not reply to pinging (
>>>
>>> https://github.com/jenkinsci/sonar-gerrit-plugin/pull/38#issuecomment-953003777
>>>)
>>>
>>>
>>> I want to deliver
>>> https://github.com/jenkinsci/sonar-gerrit-plugin/pull/39 (which is
>>> a rework of https://github.com/jenkinsci/sonar-gerrit-plugin/pull/38
>>> ).
>>>
>>> My github username is https://github.com/reda-alaoui .
>>> My Jenkins infrastructure account id is *reda_alaoui* .
>>>
>>> Best regards
>>>
>>
>> --
>> You received this message because you are subscribed to the Google
>> Groups "Jenkins Developers" group.
>> To unsubscribe from this group and stop receiving emails from it,
>> send an email to jenkinsci-de...@googlegroups.com.
>> To view this discussion on the web visit
>> https://groups.google.com/d/msgid/jenkinsci-dev/0e766256-2f08-4b3c-85b3-4c950669fd49n%40googlegroups.com
>> 
>> .
>>
>> --
 You received this message because you are subscribed to the Google
 Groups "Jenkins Developers" group.
 To unsubscribe from this group and stop receiving emails from it, send
 an email to jenkinsci-de...@googlegroups.com.

>>> To

Re: Adoption request for "sonar-gerrit" plugin

2021-12-13 Thread 'Réda Housni Alaoui' via Jenkins Developers 
Me again :)

I can't authenticate to https://repo.jenkins-ci.org/ui/login/ with my
Jenkins credentials.
Did I do something wrong?

Best regards

On December 12, 2021, "Réda Housni Alaoui"  wrote:
> Whatever you did worked !
>
> Thank you
>
> On December 12, 2021, Jenkins Developers  d...@googlegroups.com> wrote:
> > Weird, why did i merge  > permissions-updater/pull/2210> when the template wasn't filled out.
> > We never gave you github access, the template has a field to
> > indicate if you need github access as well.
> > I'll run it now.
> > Gavin
>
>
> > On Sun, Dec 12, 2021 at 5:14 AM 'Réda Housni Alaoui' via Jenkins
> > Developers mailto:jenkinsci-
> > d...@googlegroups.com>> wrote:
>
> > Hi Mark,
> >
> > I just tried to push to the adopted repository and it fails with:
> >
> > ERROR: Permission to jenkinsci/sonar-gerrit-plugin.git denied to
> > reda-alaoui. fatal: Could not read from remote repository. Please
> > make sure you have the correct access rights and the repository
> > exists.
> >
> > I first thought it was because I provided my jenkinsci username
> > instead of my github username in the PR.
> > But given  > updater/pull/2243/checks?check_run_id=4497955598>, I came to the
> > conclusion that is was not culprit.
> >
> > Can you help me with this please?
> >
> > Best regards
> >
> > Le dimanche 28 novembre 2021 à 20:13:14 UTC+1, Mark Waite a écrit :
> > > Please submit a pull request to the repository permissions updater
> > > repository  > > permissions-updater> that proposes to make you a maintainer of
> > > that plugin.  
> > >
> > > On Sun, Nov 28, 2021 at 12:06 PM 'Réda Housni Alaoui' via Jenkins
> > > Developers  wrote:
> > > > Hello,
> > > >
> > > > So 2 weeks have passed. What's the next step? :)
> > > >
> > > > Le dimanche 14 novembre 2021 à 12:59:07 UTC+1, Mark Waite a
> > > > écrit :
> > > > > +1 from me for the adoption.  Since the referenced request was
> > > > > not a specific request to adopt the plugin, I think we should
> > > > > start the two week timer for the adoption request and complete
> > > > > the adoption in two weeks.
> > > > >
> > > > > On Sunday, November 14, 2021 at 4:55:55 AM UTC-7 reda-
> > > > > ...@hey.com wrote:
> > > > > > Hello Mark,
> > > > > >
> > > > > > Yes I am.
> > > > > >
> > > > > > On November 14, 2021, Mark Waite 
> > > > > > wrote:
> > > > > > > Thanks for your interest in adopting the plugin.  That
> > > > > > > plugin has a known security vulnerability as described at
> > > > > > >  > > > > > > 23/#SECURITY-1003> .  That vulnerability would need to be
> > > > > > > fixed in addition to the merge of the pull request that
> > > > > > > you're proposing.
> > > > > > >
> > > > > > > Would you also be willing to fix that vulnerability by
> > > > > > > modifying the plugin to use Jenkins credentials?
> > > > > > >
> > > > > > > Mark Waite
> > > > > > >
> > > > > > > On Sunday, November 14, 2021 at 3:53:17 AM UTC-7 Réda
> > > > > > > Housni Alaoui wrote:
> > > > > > > > Hi everyone,
> > > > > > > >
> > > > > > > > I'd like to adopt  > > > > > > > gerrit/> for the following reasons:
> > > > > > >
> > > > > > >
> > > > > >
> > > > > > > --
> > > > > > >  You received this message because you are subscribed to
> > > > > > > the Google Groups "Jenkins Developers" group.
> > > > > > >  To unsubscribe from this group and stop receiving emails
> > > > > > > from it, send an email to jenkinsci-
> > > > > > > de...@googlegroups.com.
> > > > > > >  To view this discussion on the web visit
> > > > > > > https://groups.google.com/d/msgid/jenkinsci-dev/0e766256-
> > > > > > > 2f08-4b3c-85b3-4c950669fd49n%40googlegroups.com
> > > > > > >  > > > > > > 2f08-4b3c-85b3-
> > > > > > > 4c950669fd49n%40googlegroups.com?utm_medium=email&utm_source=footer>.
> > > > > >
> > > > >
> > > >
> > > >
> > > >  --
> > > >  You received this message because you are subscribed to the
> > > > Google Groups "Jenkins Developers" group.
> > > >  To unsubscribe from this group and stop receiving emails from
> > > > it, send an email to jenkinsci-de...@googlegroups.com.
> > >
> > > > To view this discussion on the web visit
> > > > https://groups.google.com/d/msgid/jenkinsci-dev/cdcca73f-c5f1-
> > > > 45dd-85b9-f3451990bd59n%40googlegroups.com
> > > >  > > > 45dd-85b9-
> > > > f3451990bd59n%40googlegroups.com?utm_medium=email&utm_source=footer>.
> > >
> >
> >
> >  --
> >  You received this message because you are subscribed to the Google
> > Groups "Jenkins Developers" group.
> >  To unsubscribe from this group and stop receiving emails from it,
> > send an email to jenkinsci-dev+unsubscr...@googlegroups.com
> >

Re: Unable to release, unable to access my account

2021-12-13 Thread 'Jesse Glick' via Jenkins Developers 
As an alternative, you can consider
https://www.jenkins.io/doc/developer/publishing/releasing-cd/ which does
not require you to have any credentials beyond GitHub write access to the
plugin.

-- 
You received this message because you are subscribed to the Google Groups 
"Jenkins Developers" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to jenkinsci-dev+unsubscr...@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/jenkinsci-dev/CANfRfr26TxAD3pSbxB-EYk9DkAdX5sydf1r52AWAWJZ3%2BTYTVA%40mail.gmail.com.