The Jenkins plugin ecosystem is highly active, and it’s not uncommon to come across deprecated plugins. This can be both positive and negative. On the positive side, it signifies that the plugin is no longer necessary since its functionality has been integrated into Jenkins core or rendered obsolete by new…
The Jenkins project packages and plugins are hosted through a network of mirror servers (provided by our sponsors) close to your location. It provides a "HTTP redirector" service hosted behind the get.jenkins.io, mirrors.jenkins.io and mirrors.jenkins-ci.org domains, with a new public IP: `20.119.232.75` 20.7.178.24 (as per /blog/2023/07/12/jenkins-mirrors-postmortem-outage/) since the 12th of…
Key Takeaways Red Hat Enterprise Linux 7, and derivatives like CentOS 7, reach early end of life. Upgrades and improvements of Jenkins components continue with significant progress towards the eventual removal of Prototype.js from Jenkins core. Thanks to a kind donation from Launchable, pull requests to Jenkins core now complete…
On Friday 7th of July 2023, the Jenkins infrastructure suffered a major outage from 11:05am UTC until 15:25pm UTC with complete downtime of the following public services: accounts.jenkins.io fallback.get.jenkins.io get.jenkins.io incrementals.jenkins.io javadoc.jenkins.io plugin-health.jenkins.io plugin-site-issues.jenkins.io plugins.origin.jenkins.io plugins.jenkins.io rating.jenkins.io repo.azure.jenkins.io reports.jenkins.io stories.jenkins.io uplink.jenkins.io weekly.ci.jenkins.io www.origin.jenkins.io We also had complete downtime of the…
Introduction A bug fix, security fix, or new features are of no use unless they are released. A production release not only provides users with an updated plugin, but also gives the developers a chance to get feedback on their work. The "unreleased production changes" probe looks for unreleased commits…
Introduction The Jenkins Security team offers a GitHub action that automatically scans the plugin source code during Continuous Integration and reports security issues. The Jenkins community considers using such tools to ensure a high-security level for plugins as a good practice. The Security Scan probe identifies whether the plugin is…
Introduction A third-party repository is a repository that is not hosted at https://repo.jenkins-ci.org/. The Jenkins Infra team was concerned about the dependencies used by third-party repositories. These repositories are a concern, not just for security reasons, but also for reliability. The third-party repository detection probe ensures that plugins are built…
The Jenkins in GSoC program recently reached its midterm milestone for GSoC 2023. This milestone served to assess performance, and precipitate pass/fail decisions. Taking time to evaluate the progress and workflow of the project provides an opportunity to correct course and address underlying issues. Earlier this month, on the Jenkins…
Jenkins has fully supported Java 17 since the 2.357 weekly release and 2.361.1 Long Term Support release. For this reason, we have transitioned to using Java 17 in the Jenkins user handbook. This includes the installation guides, Pipeline documentation, and Pipeline syntax. Refer to the GitHub issue for additional information…
Key Takeaways A Jenkins Core security advisory was published on July 26 The official documentation has migrated to Java 17 Operating system end of life notifications have been added Contributed by: Wadeck Follonier During July, there were two Security Advisories published: Plugin security advisory published on July 12 Multiple high-score…