Re: Annotation versions

Former sounds better On Wed, 15 Dec 2021 at 04:12, Basil Crow wrote: > The Jenkins core BOM currently defines versions for > spotbugs-annotations, jcip-annotations, and > access-modifier-annotation, and core ships JARs for > spotbugs-annotations and access-modifier-annotation (but not >

Annotation versions

The Jenkins core BOM currently defines versions for spotbugs-annotations, jcip-annotations, and access-modifier-annotation, and core ships JARs for spotbugs-annotations and access-modifier-annotation (but not jcip-annotations, which is inconsistent). plugin-pom depends on spotbugs-annotations at

Google Summer of Code (GSoC) 2022: Call for organizers, mentors, and project ideas

Hi All, I have started this thread on HERE but thought i'd post it here as well. Much like the past 5 years, we are planning to participate in GSoC 2022

StaplerProxy getTarget

I am implementing StaplerProxy for some of my detail views. When I am returning a new view object in the getTarget method that is part of my plugin then everything shows up correctly. When I return an object from another plugin I get a 404 error. Is this some restriction (class loader?) that I

Re: Enabling Continuous Delivery / automated release process for Gradle project

On Tue, Dec 14, 2021 at 6:04 PM James Nord wrote: > the flatten plugin confuses tools Which? I think we have ironed out any problems as lots of components have picked up JEP-305. Even seems to work fine on BOMs; the last things I am hesitant

Re: Enabling Continuous Delivery / automated release process for Gradle project

But my point is the flatten plugin confuses tools and is awkward for many. Using MRP as I described would not confuse any tool as it would reqrite a pom as happens today. I'm also confused now as you are using MRP which the referenced comment is about. On Tuesday, 14 December 2021 at

Re: Feedback on some analysis I'm doing

Please refer to https://www.jenkins.io/doc/developer/plugin-development/dependencies-and-class-loading/ for background. -- You received this message because you are subscribed to the Google Groups "Jenkins Developers" group. To unsubscribe from this group and stop receiving emails from it, send

Re: Enabling Continuous Delivery / automated release process for Gradle project

On Tue, Dec 14, 2021 at 9:53 AM 'jn...@cloudbees.com' via Jenkins Developers wrote: > there is possibility of something part way between the current CD flow (no > junk pushes) and m-r-p > As mentioned previously

Re: Feedback on some analysis I'm doing

Thanks Jesse & boa...@! I get it now. Does it make sense to get plugins to stop using libraries already in jenkins-core's dependency tree? i.e. are those libraries part of the contract? If they can be considered guaranteed by jenkins-core, we can just remove the dependencies. If they can't,

Re: how to change log4j-over-slf4j-1.7.31 to 2.15 version

Affected code wrt log4j component vulnerability CVE-2021-44228 exits in log4j core libraries: log4j-core-*.jar. I am not sure why your org wanted you to update/remove log4j-over-slf4j-1.7.31 Thanks M.Madhu On Tue, Dec 14, 2021 at 7:26 AM 'Daniel Beck' via Jenkins Developers <

Re: Enabling Continuous Delivery / automated release process for Gradle project

Hello, It is possible to configure it so that the release process is triggered manually (accumulating several changes) instead of an automatic trigger. The documentation (or sample code) shows what is the section to "comment out". /- Jmm Le mar. 14 déc. 2021 à 15:53, 'jn...@cloudbees.com' via

Re: Enabling Continuous Delivery / automated release process for Gradle project

there is possibility of something part way between the current CD flow (no junk pushes) and m-r-p. m-r-p does not have to just take the current version and remove snapshot and increment the last digit, nor does it need to push the commits back (just the tag) (which I believe are your main

Re: how to change log4j-over-slf4j-1.7.31 to 2.15 version

On Tue, Dec 14, 2021 at 1:15 PM Mohammad Jameel Uddin < mohammad.jameelud...@saucelabs.com> wrote: > Yes, they(my organization) requested an update to autonomiq plugin, but it > is not on the list of affected plugins. > >

Re: how to change log4j-over-slf4j-1.7.31 to 2.15 version

Hi Meessen, Yes, they(my organization) requested an update to autonomiq plugin, but it is not on the list of affected plugins. https://issues.jenkins.io/browse/JENKINS-67353?jql=labels%20%3D%20CVE-2021-44228 Do I need to change the log4j version or not? Thanks & Regards, Md Jameel Uddin. On

Re: how to change log4j-over-slf4j-1.7.31 to 2.15 version

Hello Mohammad, Could you tell us if they requested an update to a particular plugin ? Or is it more in general ? Did you see the Log4j CVE related blog post : https://www.jenkins.io/blog/2021/12/10/log4j2-rce-CVE-2021-44228/ /- Jmm Le mar. 14 déc. 2021 à 10:53, Mohammad Jameel Uddin <

how to change log4j-over-slf4j-1.7.31 to 2.15 version

Hi All, In my organistaion, they are asking me to change log4j 1.7.31 to 2.15 version in jenkins plugin, can someone tell me how to do it? Thanks & Regards, Md Jameel Uddin -- You received this message because you are subscribed to the Google Groups "Jenkins Developers" group. To

2.319.2 Release lead

Hello Is anyone interested in being the release lead for 2.319.2? Planned dates can be seen on the event calendar: https://www.jenkins.io/events/#event-calendar Release candidate by 15th December (short notice apologies but can delay a couple of days) Release on 12th January The documentation