Re: Prototype.js replacing JSON.stringify

2023-07-18 Thread Basil Crow 
Many thanks to everyone who has contributed PRs to remove usages of
Prototype.

I did a more thorough search for usages of Prototype, this time scanning
every .jelly and .js file in the Update Center. I updated the spreadsheet

.

-- 
You received this message because you are subscribed to the Google Groups 
"Jenkins Developers" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to jenkinsci-dev+unsubscr...@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/jenkinsci-dev/CAFwNDjrFD19B877mMhRQ7yM934fUMxXdBm382ScRcY2Vu2wX5Q%40mail.gmail.com.

Re: Removing inactive CERT members to reduce risk

2023-07-18 Thread Basil Crow 
On Tue, Jul 18, 2023 at 10:56 AM 'wfoll...@cloudbees.com' via Jenkins
Developers  wrote:
>
> I prefer to have an incremental approach that provides value right now 
> instead of waiting on a larger effort that will provide value only later in 
> the future.

Why not proceed on both fronts concurrently?

> I would suggest you to start a new thread, as it's beyond the original scopes 
> of the existing ones.

The essence of my argument is that the scope of the current effort is
too limited. I suggest you expand the scope of the current effort as
described.

-- 
You received this message because you are subscribed to the Google Groups 
"Jenkins Developers" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to jenkinsci-dev+unsubscr...@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/jenkinsci-dev/CAFwNDjqieTCixwJutUJ2-PYATVwKCxgjvbBW8rKfWif04Ow6QA%40mail.gmail.com.

Re: Removing inactive CERT members to reduce risk

2023-07-18 Thread 'wfoll...@cloudbees.com' via Jenkins Developers 
To come back to the previous topic, what you have mentioned / proposed, is 
a long term approach requiring additional changes / setting expectations / 
getting agrements. It's just not in the current scope of the changes I want 
to make. I prefer to have an incremental approach that provides value right 
now instead of waiting on a larger effort that will provide value only 
later in the future.

FTR that was explained 
in https://groups.google.com/g/jenkinsci-dev/c/8cy8w7ZqyB8/m/K6sdE_HcEAAJ.
> Starting small and increasing the scope over time. CERT membership and 
VPN/infra access will follow soon.

If you think your proposal should be implemented, I would suggest you to 
start a new thread, as it's beyond the original scopes of the existing ones.


On Tuesday, July 18, 2023 at 4:59:19 PM UTC+2 m...@basilcrow.com wrote:

> On Tue, Jul 18, 2023 at 1:05 AM 'wfoll...@cloudbees.com' via Jenkins
> Developers  wrote:
> > Your proposal about a more extreme approach was discussed and rejected.
>
> But not with a valid justification.
>
> > that discussion seemed to be sterile from my PoV
>
> I fail to see how that discussion is sterile. Neither of the arguments
> in my last post to that thread had been raised previously.
>

-- 
You received this message because you are subscribed to the Google Groups 
"Jenkins Developers" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to jenkinsci-dev+unsubscr...@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/jenkinsci-dev/160252b4-f1f2-446a-802c-aeb80693c67an%40googlegroups.com.

Re: Removing inactive CERT members to reduce risk

2023-07-18 Thread Basil Crow 
On Tue, Jul 18, 2023 at 1:05 AM 'wfoll...@cloudbees.com' via Jenkins
Developers  wrote:
> Your proposal about a more extreme approach was discussed and rejected.

But not with a valid justification.

> that discussion seemed to be sterile from my PoV

I fail to see how that discussion is sterile. Neither of the arguments
in my last post to that thread had been raised previously.

-- 
You received this message because you are subscribed to the Google Groups 
"Jenkins Developers" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to jenkinsci-dev+unsubscr...@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/jenkinsci-dev/CAFwNDjoQwckBSX%3DuR%2B6KQihLw2erbznrbF5ccrvOiuVC8ZyEOw%40mail.gmail.com.

Re: GitSCM is marked as Serializable but can't be serialized because of GitSCM.extensions

2023-07-18 Thread 'Jesse Glick' via Jenkins Developers 
I guess the question is prompted by
https://github.com/jenkinsci/git-push-plugin/blob/5c9525da6da7bed8fd70e8a45d62eafd1daad3f1/src/main/java/io/jenkins/plugins/git_push/GitPushStep.java#L109
which is odd because while `StepExecution` in general is `Serializable`, a
`SynchronousNonBlockingStepExecution` does not need to be meaningfully
serializable since it will just be aborted across a controller restart. In
other words the `readObject` and `writeObject` methods are useless and
could be deleted.

`GitPushStep` as a whole seems dubious anyway, since you can just write e.g.

withGit(…) {
  sh 'git push …'
}

(More realistically, the `git push` would be embedded in some larger
script.)

-- 
You received this message because you are subscribed to the Google Groups 
"Jenkins Developers" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to jenkinsci-dev+unsubscr...@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/jenkinsci-dev/CANfRfr1uVX_uL6aJZ-jPwFAPbW89dWV2_Yaw5Wo%3DCr%3DFMeH-rw%40mail.gmail.com.

Re: GitSCM is marked as Serializable but can't be serialized because of GitSCM.extensions

2023-07-18 Thread 'Réda Housni Alaoui' via Jenkins Developers 
Given GitScm exends GitSCMBackwardCompatibility 
and GitSCMBackwardCompatibility implements Serializable, I though it was 
expecting it to be serializable.

Therefore, I suppose I can't do better 
than 
https://github.com/jenkinsci/git-push-plugin/blob/5c9525da6da7bed8fd70e8a45d62eafd1daad3f1/src/main/java/io/jenkins/plugins/git_push/GitPushStep.java#L71-L71
 
?

On Tuesday, July 18, 2023 at 2:25:49 PM UTC+2 Mark Waite wrote:

> On Sunday, July 16, 2023 at 4:43:18 AM UTC-6 Reda wrote:
>
> Hi everyone,
>
> I'd like to understand how am I supposed to handle *GitSCM* in a 
> *StepExecution*.
>
> Here is the interesting portion of the code : 
> https://github.com/jenkinsci/git-push-plugin/blob/5c9525da6da7bed8fd70e8a45d62eafd1daad3f1/src/main/java/io/jenkins/plugins/git_push/GitPushStep.java#L71-L71
>
> If I remove the *transient* modifier from the *GitScm *attribute, I will 
> get *java.io.NotSerializableException: hudson.util.DescribableList*.
>
> Is GitPushStep already doing that correctly? If yes, what are the 
> consequences of this lack of serialization?
>
>
> GitSCM is not serializable.  It is correct to not attempt to serialize 
> it.  Can you explain why you believe that you need to serialize it? 
>

-- 
You received this message because you are subscribed to the Google Groups 
"Jenkins Developers" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to jenkinsci-dev+unsubscr...@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/jenkinsci-dev/24c4b9e8-a464-4097-91a4-057bdf7bn%40googlegroups.com.

Re: GitSCM is marked as Serializable but can't be serialized because of GitSCM.extensions

2023-07-18 Thread Mark Waite 


On Sunday, July 16, 2023 at 4:43:18 AM UTC-6 Reda wrote:

Hi everyone,

I'd like to understand how am I supposed to handle *GitSCM* in a 
*StepExecution*.

Here is the interesting portion of the code : 
https://github.com/jenkinsci/git-push-plugin/blob/5c9525da6da7bed8fd70e8a45d62eafd1daad3f1/src/main/java/io/jenkins/plugins/git_push/GitPushStep.java#L71-L71

If I remove the *transient* modifier from the *GitScm *attribute, I will 
get *java.io.NotSerializableException: hudson.util.DescribableList*.

Is GitPushStep already doing that correctly? If yes, what are the 
consequences of this lack of serialization?


GitSCM is not serializable.  It is correct to not attempt to serialize it.  
Can you explain why you believe that you need to serialize it? 

-- 
You received this message because you are subscribed to the Google Groups 
"Jenkins Developers" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to jenkinsci-dev+unsubscr...@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/jenkinsci-dev/71e7ba65-cc4a-473f-813e-2c631288bcean%40googlegroups.com.

[JENKINS-71661] extended-choice-parameter plugin: merge or adopt? :)

2023-07-18 Thread Baptiste Mathus 
Hey all,

FYI, we've recently uncovered an issue in the extended-choice-parameter
plugin.
In short, it is unconditionally setting up a polyfill for CustomEvents
.
This is breaking one of our plugins that is sending Custom Events.

We have filed a fix at
https://github.com/jenkinsci/extended-choice-parameter-plugin/pull/98.

I have CCed the last known maintainer (hello Chas!): I'm moving a bit fast,
granted, but given 1) the last commit was in April, and 2) this is totally
breaking our plugin, I thought I'd send at least a heads-up here so it
starts moving :-).

@Chas if you're not actively maintaining this plugin anymore, just let us
know and I'm happy to take care of it by adopting the plugin. If you still
are, I'd appreciate a review and hopefully a merge of
https://github.com/jenkinsci/extended-choice-parameter-plugin/pull/98 :-).

Thanks!

-- Baptiste
PS: I checked the jenkinsci org, and AFAICT the other plugins that play
with CustomEvent
 do
use an if(window.customEvent !== something) construct to install it only
when missing. (which is how a polyfill/shim should be set up)

-- 
You received this message because you are subscribed to the Google Groups 
"Jenkins Developers" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to jenkinsci-dev+unsubscr...@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/jenkinsci-dev/CANWgJS7CbbeKaBrCpO55gK2EN8g0yENYmXnVR1Cgx%3DwvLpJYsw%40mail.gmail.com.

Re: Removing inactive CERT members to reduce risk

2023-07-18 Thread 'wfoll...@cloudbees.com' via Jenkins Developers 
Security is often a balancing act, to improve the security situation while 
not impeding too much on others.

Your proposal about a more extreme approach was discussed and rejected. 
Your latest message was read but as that discussion seemed to be sterile 
from my PoV, I preferred to move forward.

On Monday, July 17, 2023 at 8:19:40 PM UTC+2 m...@basilcrow.com wrote:

> On Fri, Jul 14, 2023 at 6:55 AM 'wfoll...@cloudbees.com' via Jenkins
> Developers  wrote:
> >
> > This email is a continuation of 
> https://groups.google.com/g/jenkinsci-dev/c/8cy8w7ZqyB8/m/eZfaenQzEAAJ.
>
> Is it a continuation if the last post to that thread remains 
> unacknowledged?
>

-- 
You received this message because you are subscribed to the Google Groups 
"Jenkins Developers" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to jenkinsci-dev+unsubscr...@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/jenkinsci-dev/c4dd8b99-0051-4e93-9d1e-bf5036045712n%40googlegroups.com.