We are thrilled to announce that Jenkins has been accepted to Google Summer of Code 2024! This will be Jenkins' eighth year as a mentoring organization. Congratulations to all 195 accepted open-source organizations! As a mentoring organization for the past seven years, Jenkins has mentored 35 GSoC students by 85+…
You have a GitHub repo and a Jenkins server. The Jenkins server has jobs for running unit tests, computing code coverages, and executing static analyses. Every time someone opens a PR to your repo, you ask them to run those jobs, take screenshots of the results, and paste these screenshots…
The Jenkins in GSoC program recently reached its midterm milestone for GSoC 2023. This milestone served to assess performance, and precipitate pass/fail decisions. Taking time to evaluate the progress and workflow of the project provides an opportunity to correct course and address underlying issues. Earlier this month, on the Jenkins…
The Google Summer of Code 2024 contributor application period has ended and we are excited to have received over 75 valid applications from potential contributors, interested in contributing to Jenkins via this program. We are grateful to all the students who applied and look forward to reviewing their applications over…
The Jenkins project packages and plugins are hosted through a network of mirror servers (provided by our sponsors) close to your location. It provides a "HTTP redirector" service hosted behind the get.jenkins.io, mirrors.jenkins.io and mirrors.jenkins-ci.org domains, with a new public IP: `20.119.232.75` 20.7.178.24 (as per /blog/2023/07/12/jenkins-mirrors-postmortem-outage/) since the 12th of…
Summary Beginning with the Jenkins 2.463 weekly release (scheduled for release on June 18, 2024), Jenkins requires Java 17 or newer. The Jenkins 2.452.x LTS line will continue to require Java 11 or newer, as will the LTS line (possibly 2.462.1) that is scheduled for release on July 24, 2024,…
The previous in-person Jenkins Contributor Summit took place in 2020, just prior to the lockdowns and precautions that would change the world. Thankfully, on February 2, 2024, just prior to this year’s FOSDEM conference, we were able to gather again, in Brussels, so that we could have an in-person Jenkins…
Introduction The Jenkins Security team offers a GitHub action that automatically scans the plugin source code during Continuous Integration and reports security issues. The Jenkins community considers using such tools to ensure a high-security level for plugins as a good practice. The Security Scan probe identifies whether the plugin is…
Introduction A third-party repository is a repository that is not hosted at https://repo.jenkins-ci.org/. The Jenkins Infra team was concerned about the dependencies used by third-party repositories. These repositories are a concern, not just for security reasons, but also for reliability. The third-party repository detection probe ensures that plugins are built…
Contributed by: Wadeck Follonier The Jenkins Security team has multiple missions, with the most visible to users being the publication of advisories. In 2023, the team published 17 advisories: 4 included Jenkins core, and 13 were solely about plugins. In total, 211 vulnerabilities were announced. In terms of reporting trends,…