Releases: jenkinsci/credentials-binding-plugin
Releases · jenkinsci/credentials-binding-plugin
677.vdc9d38cb_254d
🐛 Bug fixes
- JENKINS-72412 - Overmasking when trivial “secrets” bound (#306) @jglick
👻 Maintenance
📦 Dependency updates
- Bump io.jenkins.tools.bom:bom-2.414.x from 2746.vb_79a_1d3e7b_c8 to 2982.vdce2153031a_0 (#305) @dependabot
- Bump org.xmlunit:xmlunit-matchers from 2.9.1 to 2.10.0 (#307) @dependabot
- Bump org.jenkins-ci.plugins:plugin from 4.79 to 4.81 (#304) @dependabot
- Bump io.jenkins.tools.incrementals:git-changelist-maven-extension from 1.7 to 1.8 (#303) @dependabot
- Bump org.jenkins-ci.plugins:plugin from 4.77 to 4.79 (#297) @dependabot
- Bump io.jenkins.tools.bom:bom-2.414.x from 2543.vfb_1a_5fb_9496d to 2746.vb_79a_1d3e7b_c8 (#289) @dependabot
Contributors
jglick and dependabot
Assets 2
657.v2b_19db_7d6e6d
👷 Changes for plugin developers
📦 Dependency updates
- Suppress warnings for spotbugs 4.8.3 (#286) @MarkEWaite
- Bump org.jenkins-ci.plugins:plugin from 4.75 to 4.76 (#285) @dependabot
- Bump io.jenkins.tools.bom:bom-2.387.x from 2244.vd60654536b_96 to 2543.vfb_1a_5fb_9496d (#282) @dependabot
- jep-227 downstream usage (#280) @Vlatombe
- Bump org.jenkins-ci.plugins:plugin from 4.74 to 4.75 (#281) @dependabot
Contributors
MarkEWaite, Vlatombe, and 2 other contributors
Assets 2
642.v737c34dea_6c2
👷 Changes for plugin developers
👻 Maintenance
- Test with Java 21 (#273) @MarkEWaite
📦 Dependency updates
- Bump org.jenkins-ci.plugins:plugin from 4.73 to 4.74 (#276) @dependabot
Contributors
jglick, MarkEWaite, and dependabot
Assets 2
636.v55f1275c7b_27
🚀 New features and improvements
📦 Dependency updates
- Bump org.jenkins-ci.plugins:plugin from 4.71 to 4.73 (#267) @dependabot
Contributors
dependabot and Kevin-CB
Assets 2
631.v861c06d062b_4
🐛 Bug fixes
- SECURITY-3075 -
getAggregateSecretPatternto fail when run inside agent JVM (#260) @jglick
Contributors
jglick
Assets 2
626.v8d9034b_8ea_cc
Contributors
jglick
Assets 2
621.v58c0fb_d285a_c
👷 Changes for plugin developers
📦 Dependency updates
- Bump git-changelist-maven-extension from 1.6 to 1.7 (#254) @dependabot
- Bump plugin from 4.68 to 4.71 (#257) @dependabot
- Bump plugin from 4.66 to 4.68 (#253) @dependabot
- Bump plugin from 4.64 to 4.66 (#250) @dependabot
- Bump plugin from 4.63 to 4.64 (#248) @dependabot
- Bump plugin from 4.62 to 4.63 (#245) @dependabot
- Bump plugin from 4.61 to 4.62 (#242) @dependabot
- Bump plugin from 4.59 to 4.61 (#241) @dependabot
Contributors
jglick and dependabot
Assets 2
604.vb_64480b_c56ca_
🔒 Security
- Security improvement: Apply credentials masking in "push" mode for steps from Pipeline: Nodes and Processes even when plugins call
SecretPatterns#getAggregateSecretPatternfrom an agent, which is unsupported. See SECURITY-3075 in the 2023-04-12 security advisory. This is not a security fix but it mitigates the impact of security vulnerabilities in other plugins. This is the same improvement that was originally published in 523.525.vb_72269281873.
📦 Dependency updates
- Bump plugin from 4.58 to 4.59 (#238) @dependabot
- Bump plugin from 4.57 to 4.58 (#236) @dependabot
Contributors
dependabot
Assets 2
523.525.vb_72269281873
🔒 Security
- Security improvement: Apply credentials masking in "push" mode for steps from Pipeline: Nodes and Processes even when plugins call
SecretPatterns#getAggregateSecretPatternfrom an agent, which is unsupported. See SECURITY-3075 in the 2023-04-12 security advisory. This is not a security fix but it mitigates the impact of security vulnerabilities in other plugins.
523.vd859a_4b_122e6
👷 Changes for plugin developers
👻 Maintenance
- Use WorkspaceList.tempDir (#156) @offa
- Code improvements, some deprecated API calls replaced and JSR 305 removed (#150) @offa
- Use
java.nio.charset.StandardCharsetswhere possible (#145) @basil
📦 Dependency updates
21 changes
- Update POM & BOM, test on Java 17 (#175) @jglick
- Bump bom-2.319.x from 1210.vcd41f6657f03 to 1246.va_b_50630c1d19 (#172) @dependabot
- Bump plugin from 4.38 to 4.39 (#171) @dependabot
- Integration test of
Credentials.forRun(#169) @jglick - Bump plugin from 4.37 to 4.38 (#168) @dependabot
- Bump plugin from 4.35 to 4.37 (#167) @dependabot
- Bump plugin from 4.34 to 4.35 (#166) @dependabot
- Bump plugin from 4.33 to 4.34 (#165) @dependabot
- Bump xmlunit-matchers from 2.8.4 to 2.9.0 (#164) @dependabot
- Update parent, baseline, BOM (#163) @jglick
- Bump plugin from 4.31 to 4.32 (#160) @dependabot
- Bump git-changelist-maven-extension from 1.2 to 1.3 (#161) @dependabot
- Bump xmlunit-matchers from 2.8.3 to 2.8.4 (#159) @dependabot
- Bump plugin from 4.29 to 4.31 (#158) @dependabot
- Bump xmlunit-matchers from 2.8.2 to 2.8.3 (#154) @dependabot
- Bump plugin from 4.28 to 4.29 (#155) @dependabot
- Bump plugin from 4.25 to 4.28 (#153) @dependabot
- Bump plugin from 4.24 to 4.25 (#151) @dependabot
- Bump bom-2.235.x from 887.vae9c8ac09ff7 to 918.vae501d2cdc99 (#148) @dependabot
- Bump plugin from 4.21 to 4.24 (#149) @dependabot
- Bump plugin from 4.19 to 4.21 (#147) @dependabot
Contributors
basil, jglick, and 2 other contributors