4.32
·
648 commits
to master
since this release
π₯ Compatibility warning
The Enforcer update in #456 triggers new errors in many plugins involving provided scope. If a Dependabot update produces a build failure mentioning RequireUpperBoundDeps, first update the plugin BOM to 1090.v0a_33df40457a_ or later (which necessitates updating the minimum Jenkins version to 2.289.1 or later), then rebase the Dependabot update against the result with @dependabot rebase. If you cannot update the plugin BOM to 1090.v0a_33df40457a_ or later, then exclude the problematic dependency trail to satisfy Enforcer.
You will also need to switch annotations from javax.annotation.* to edu.umd.cs.findbugs.annotations.* equivalents as in jenkinsci/jenkins#4604.
π¨ Removed
π New features and improvements
- Get annotation versions from core BOM (#470) @basil
- Ban vulnerable versions of Apache Log4j 2 (#465) @basil
π Bug fixes
- Work around issues on 2.222.x, 2.235.x, and 2.289.x (#477) @basil
- Exclude
javax.servlet:servlet-api(#469) @basil
π¦ Dependency updates
- Bump Extra Enforcer rules from 1.3 to 1.5.1 (#471) @Vlatombe
- Bump Jenkins test harness from 1645.vf98fc478f846 to 1674.v3b8b1441e939 (#476, #464) @basil
- Bump Maven HPI plugin from 3.20 to 3.22 (#475, #460) @dependabot
- Bump Mockito from 4.0.0 to 4.2.0 (#474, #459) @dependabot
- Bump Access modifier from 1.25 to 1.27 (#473) @basil
- Bump SpotBugs annotations from 4.4.2 to 4.5.1 (#466, #454) @dependabot
- Bump Mock Repository Manager Maven plugin from 1.2.0 to 1.3.0 (#463) @dependabot
- Bump GMavenPlus plugin from 1.13.0 to 1.13.1 (#461) @dependabot
- Bump Maven Enforcer plugin from 3.0.0-M3 to 3.0.0 (#456) @basil
- Bump Jenkins test annotations from 1.3 to 1.4 (#455) @dependabot
π Documentation updates
π» Maintenance
Contributors
basil, Vlatombe, and dependabot