[JENKINS-65161] remove commons-digester2 from core and upgrade plugins to commons-digester3 #20
Conversation
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
…s to commons-digester3 Signed-off-by: olivier lamy <olamy@apache.org>
oleg-nenashev
approved these changes
Mar 25, 2021
com.ibm.team.build.hjplugin/pom.xml
Outdated
| <dependency> | ||
| <groupId>commons-beanutils</groupId> | ||
| <artifactId>commons-beanutils</artifactId> | ||
| <!-- 1.9.4 when this merged https://github.com/stapler/stapler/pull/211 --> |
There was a problem hiding this comment.
Copy-paste comment? It is not that trivial for a plugin, a core version would need to be updated
There was a problem hiding this comment.
just enforce it's the good version for digester3 we have here.
There was a problem hiding this comment.
actually digester3 only need 1.8.3 but I try to have something higher to avoid security scan trigger
|
sounds weird at the end we will turn to have a plugin for each shared library... |
daniel-beck
requested changes
Mar 30, 2021
There was a problem hiding this comment.
Likely creates a security vulnerability as described in jenkinsci/jenkins#5320 (comment)
Signed-off-by: olivier lamy <olamy@apache.org>
|
@daniel-beck fixed |
Signed-off-by: olivier lamy <olamy@apache.org>
rsandell
approved these changes
Apr 29, 2021
10 tasks
batmat
requested review from
daniel-beck,
MRamonLeon,
bitwiseman,
car-roll and
alecharp
alecharp
approved these changes
May 3, 2021
rsandell
approved these changes
May 3, 2021
MRamonLeon
approved these changes
May 3, 2021
|
@lvaikunt do you think you could merge this PR and cut a release of the plugin? Thanks |
lvaikunt
reviewed
May 7, 2021
|
@alecharp Sure, I have started the review. |
No. It's just preparing the plugin for when the dependency is removed from Core. |
|
@lvaikunt ping :) |
|
@lvaikunt FYI, jenkinsci/jenkins#5320 has been approved by @jenkinsci/core-pr-reviewers and @jenkinsci/core and will likely be merged and released soon. To avoid impacting users of this plugin, I suggest this PR be merged and released at the earliest convenience. |
lvaikunt
approved these changes
May 27, 2021
|
Hello all, Regarding a release of the plugin, I think we can schedule one soon after performing the required testing. |
|
FYU @lvaikunt the Jenkins Core PR got merged. This means starting next Monday teamconcert will fail to load on the latest weekly if this PR does not get a release. |
lvaikunt
added a commit
that referenced
this pull request
Jun 21, 2021
Work Item 523684: Implementation for story 523413 Work Item 524415: [Team Concert Plugin] When pollingOnly option is enabled and a build definition managed by JBE or Build agent is provided, then validate configuration fails. Work Item 524678: Introduce pipeline dependency to add additional tests for task 523684 Work Item 524809: Implement story 523414 Work Item 526258: UI changes for request and waitforbuild steps Work Item 526259: Infrastructure for requestBuild and waitForBuild step Work Item 526719: Polling only integration tests with pipeline jobs Work Item 526721: Add descriptor validation and pipeline job integration tests for work item 524807 Work Item 526758: If wait time is less than or equal to 30 seconds, waitForBuild returns immediately Work Item 526759: rtcBuild step says Step for interacting with EWM build Work Item 526987: [Jenkins] Pipeline Job - Wait For Build validation checking on "Build states to wait for" field Work Item 527127: Implementation task for story 525339 Work Item 527128: Implementation task for story 525337 Work Item 527206: Implementation for list logs step Work Item 527207: Implementation for download logs step Work Item 527971: Messages review for Jenkins pipeline improvement stories - work item 523413, work item 523412 and work item 523414 Work Item 527972: Documentation for Jenkins pipeline improvement stories - work item 523413, work item 523412 and work item 523414 Work Item 528076: [Jenkins Plugins] Update README.adoc from Github repository to EWM stream Work Item 528189: Jenkins build number is only added to a work item if it succeeds Work Item 529645: Implementation task for story 528214 Work Item 529646: Implementation task for story 528215 Work Item 530488: UI changes for listlogs/listartifacts and downloadlogs/downloadartifacts Work Item 531515: The configuration UI for rtcBuild step is cluttered in Jenkins version 2.263.x Work Item 531596: Change references of Jenkins nodes to agent Work Item 531610: Minor fixes to build.xml to generate test data Work Item 531751: Error when loading help text for build result uuid field that is displayed when selecting "Download Log" from the task dropdown of rtcBuild pipeline step Work Item 531758: Help text for Task dropdown in the rtcBuild pipeline step doesn't include the text for newly added tasks. Work Item 531947: Documentation for listLogs, listArtifacts, downloadLogs and downloadArtifacts tasks Work Item 531948: Message reviews for listLogs, listArtifacts, downloadLogs, downloadArtifacts Work Item 531986: Adopt table to div migration to Jenkins pipeline improvements side stream Work Item 532270: Record the usage of credentials in Jenkins (build context) for Team concert plugin Work Item 532271: Record the usage of credentials in Jenkins (build context) for Team concert git plugin Work Item 532352: When both content Id and file name are not provided, the error message is incorrect Work Item 532664: Implement a task to retrieve snapshot details from a build result Work Item 532667: Extend the checkout step to accept a snapshot to be added to the Jenkins pipeline build and generate a changelog when pollingOnly is enabled Work Item 533437: Additional tests for work item 532667 and work item Work Item 533463: [Jenkins Plugin] Merge changes to side stream Work Item 536670: Adopt changes for pull request #20 Work Item 536741: [Build][Jenkins Plugin]Test failure in PollingOnlyChangeLogGenerationIT ~
lvaikunt
added a commit
that referenced
this pull request
Jun 21, 2021
Work Item 523684: Implementation for story 523413 Work Item 524147: Post release activities for Team Concert Plugin 2.2.0 Work Item 524150: Post release activities for Team Concert Git Plugin 2.0.2 Work Item 524332: Prepare for Team Concert Plugin side stream release 2.4.0 Work Item 524415: [Team Concert Plugin] When pollingOnly option is enabled and a build definition managed by JBE or Build agent is provided, then validate configuration fails. Work Item 524678: Introduce pipeline dependency to add additional tests for task 523684 Work Item 524809: Implement story 523414 Work Item 526253: Tests for work item 524807 Work Item 526254: pom file dependency changes Work Item 526258: UI changes for request and waitforbuild steps Work Item 526259: Infrastructure for requestBuild and waitForBuild step Work Item 526719: Polling only integration tests with pipeline jobs Work Item 526721: Add descriptor validation and pipeline job integration tests for work item 524807 Work Item 526758: If wait time is less than or equal to 30 seconds, waitForBuild returns immediately Work Item 526759: rtcBuild step says Step for interacting with EWM build Work Item 526987: [Jenkins] Pipeline Job - Wait For Build validation checking on "Build states to wait for" field Work Item 527127: Implementation task for story 525339 Work Item 527128: Implementation task for story 525337 Work Item 527206: Implementation for list logs step Work Item 527207: Implementation for download logs step Work Item 527971: Messages review for Jenkins pipeline improvement stories - work item 523413, work item 523412 and work item 523414 Work Item 527972: Documentation for Jenkins pipeline improvement stories - work item 523413, work item 523412 and work item 523414 Work Item 528052: Move content for Pipeline from SCM to jazz.net wiki Work Item 528076: [Jenkins Plugins] Update README.adoc from Github repository to EWM stream Work Item 528189: Jenkins build number is only added to a work item if it succeeds Work Item 529645: Implementation task for story 528214 Work Item 529646: Implementation task for story 528215 Work Item 530488: UI changes for listlogs/listartifacts and downloadlogs/downloadartifacts Work Item 531029: Tests for work item 528833 Work Item 531031: -rtc plugin changes for listLog/artifact and downloadLog/Artifact Work Item 531404: Fix the path to scmtools in the check script Work Item 531515: The configuration UI for rtcBuild step is cluttered in Jenkins version 2.263.x Work Item 531596: Change references of Jenkins nodes to agent Work Item 531610: Minor fixes to build.xml to generate test data Work Item 531751: Error when loading help text for build result uuid field that is displayed when selecting "Download Log" from the task dropdown of rtcBuild pipeline step Work Item 531758: Help text for Task dropdown in the rtcBuild pipeline step doesn't include the text for newly added tasks. Work Item 531947: Documentation for listLogs, listArtifacts, downloadLogs and downloadArtifacts tasks Work Item 531948: Message reviews for listLogs, listArtifacts, downloadLogs, downloadArtifacts Work Item 531986: Adopt table to div migration to Jenkins pipeline improvements side stream Work Item 532270: Record the usage of credentials in Jenkins (build context) for Team concert plugin Work Item 532271: Record the usage of credentials in Jenkins (build context) for Team concert git plugin Work Item 532352: When both content Id and file name are not provided, the error message is incorrect Work Item 532664: Implement a task to retrieve snapshot details from a build result Work Item 532667: Extend the checkout step to accept a snapshot to be added to the Jenkins pipeline build and generate a changelog when pollingOnly is enabled Work Item 533346: Post release activities for Team Concert Plugin 2.2.1 Work Item 533347: Post release activities for Team Concert Git Plugin 2.0.3 Work Item 533350: [7.0.3] Track changes to -rtc jar 2.2.2 Work Item 533437: Additional tests for work item 532667 and work item Work Item 533463: [Jenkins Plugin] Merge changes to side stream Work Item 536670: Adopt changes for pull request #20 Work Item 536741: [Build][Jenkins Plugin]Test failure in PollingOnlyChangeLogGenerationIT
|
A new version of Team concert plugin (2.4.0) with the above changes will be released today. |
|
Team Concert Plugin 2.4.0 released on June 21 2021. |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
No description provided.