Merge branch 'master' into update-help-icon

.gitattributes

@@ -15,8 +15,6 @@
 *.json          text
 *.jelly         text
 *.jellytag      text
-# JENKINS-68887: postcss-less fails to properly parse .less files with Windows line breaks
-*.less          text eol=lf
 *.properties    text
 *.rb            text
 *.sh            text

.github/PULL_REQUEST_TEMPLATE.md

@@ -40,17 +40,17 @@ For examples, see: https://www.jenkins.io/changelog/
 
 N/A
 
+```[tasklist]
 ### Submitter checklist
-
 - [ ] The Jira issue, if it exists, is well-described.
-- [ ] The changelog entries and upgrade guidelines are appropriate for the audience affected by the change (users or developers, depending on the change) and are in the imperative mood (see [examples](https://github.com/jenkins-infra/jenkins.io/blob/master/content/_data/changelogs/weekly.yml)).
-  - Fill in the **Proposed upgrade guidelines** section only if there are breaking changes or changes that may require extra steps from users during upgrade.
+- [ ] The changelog entries and upgrade guidelines are appropriate for the audience affected by the change (users or developers, depending on the change) and are in the imperative mood (see [examples](https://github.com/jenkins-infra/jenkins.io/blob/master/content/_data/changelogs/weekly.yml)). Fill in the **Proposed upgrade guidelines** section only if there are breaking changes or changes that may require extra steps from users during upgrade.
 - [ ] There is automated testing or an explanation as to why this change has no tests.
 - [ ] New public classes, fields, and methods are annotated with `@Restricted` or have `@since TODO` Javadocs, as appropriate.
 - [ ] New deprecations are annotated with `@Deprecated(since = "TODO")` or `@Deprecated(forRemoval = true, since = "TODO")`, if applicable.
 - [ ] New or substantially changed JavaScript is not defined inline and does not call `eval` to ease future introduction of Content Security Policy (CSP) directives (see [documentation](https://www.jenkins.io/doc/developer/security/csp/)).
 - [ ] For dependency updates, there are links to external changelogs and, if possible, full differentials.
 - [ ] For new APIs and extension points, there is a link to at least one consumer.
+```
 
 ### Desired reviewers
 
@@ -60,13 +60,14 @@ N/A
 If you need an accelerated review process by the community (e.g., for critical bugs), mention @jenkinsci/core-pr-reviewers.
 -->
 
-### Maintainer checklist
-
 Before the changes are marked as `ready-for-merge`:
 
+```[tasklist]
+### Maintainer checklist
 - [ ] There are at least two (2) approvals for the pull request and no outstanding requests for change.
 - [ ] Conversations in the pull request are over, or it is explicit that a reviewer is not blocking the change.
 - [ ] Changelog entries in the pull request title and/or **Proposed changelog entries** are accurate, human-readable, and in the imperative mood.
 - [ ] Proper changelog labels are set so that the changelog can be generated automatically.
 - [ ] If the change needs additional upgrade steps from users, the `upgrade-guide-needed` label is set and there is a **Proposed upgrade guidelines** section in the pull request title (see [example](https://github.com/jenkinsci/jenkins/pull/4387)).
 - [ ] If it would make sense to backport the change to LTS, a Jira issue must exist, be a _Bug_ or _Improvement_, and be labeled as `lts-candidate` to be considered (see [query](https://issues.jenkins.io/issues/?filter=12146)).
+```

.github/config.yml

@@ -0,0 +1,25 @@
+newPRWelcomeComment: >
+  Yay, your first pull request towards Jenkins core was created successfully!
+  Thank you so much!
+  <br>
+  <br>
+  A contributor will provide feedback soon.
+  Meanwhile, you can join the [chats](https://app.gitter.im/#/room/#jenkins-ci:matrix.org) and [community forums](https://community.jenkins.io/) to connect with other Jenkins users, developers, and maintainers.
+
+firstPRMergeComment: >
+  Congratulations on getting your very first Jenkins core pull request merged 🎉🥳
+  <br>
+  <br>
+  This is a fantastic achievement, and we're thrilled to have you as part of our community!
+  Thank you for your valuable input, and we look forward to seeing more of your contributions in the future!
+  <br>
+  <br>
+  We would like to invite you to join the [community chats](https://app.gitter.im/#/room/#jenkins-ci:matrix.org) and [forums](https://community.jenkins.io/) to meet other Jenkins contributors 😊
+  <br>
+  Don't forget to check out the [participation](https://www.jenkins.io/participate/) page to learn more about how to contribute to Jenkins.
+
+  <a href="https://www.jenkins.io/participate/" target="_blank">
+   <picture>
+     <img width="600" src="https://raw.githubusercontent.com/jenkinsci/jenkins/master/.github/images/jenkins-welcome.svg">
+   </picture>
+  </a>

.github/dependabot.yml

@@ -17,7 +17,6 @@ updates:
       # version of Jetty we deliver. See:
       # https://github.com/jenkinsci/jenkins/pull/5211
       - dependency-name: "jakarta.servlet:jakarta.servlet-api"
-      - dependency-name: "javax.servlet:javax.servlet-api"
 
       # Jetty Maven Plugin and Winstone should be upgraded in lockstep in order
       # to keep their corresponding Jetty versions aligned.
@@ -52,9 +51,14 @@ updates:
       # Starting with 6.x, Spring Security requires Java 17 at a minimum.
       - dependency-name: "org.springframework.security:spring-security-bom"
         versions: [">=6.0.0"]
+
+      # Starting with 7.x, Guice switches from javax.* to jakarta.* bindings.
+      # See https://github.com/google/guice/wiki/Guice700
+      - dependency-name: "com.google.inject:guice-bom"
+        versions: [">=7.0.0"]
   - package-ecosystem: "maven"
     directory: "/"
-    target-branch: "stable-2.375"
+    target-branch: "stable-2.414"
     labels:
       - "into-lts"
       - "needs-justification"