Mark Waite
Mark is a member of the Jenkins governing board, a long-time Jenkins user and contributor, a core maintainer, and maintainer of the git plugin, the git client plugin, the platform labeler plugin, the embeddable build status plugin, and several others. He is one of the authors of the "Improve a plugin" tutorial.
Amazon Web Services has donated $60,000 in cloud credits to the Jenkins project. We are especially grateful for their donation and their support of Jenkins. The Jenkins project has used AWS for many years to provide a wide range of services. AWS provides the central distribution point for Jenkins core and Jenkins plugin downloads through the Jenkins update center. We’ve used AWS Graviton servers...
Contributed by: Wadeck Follonier The Jenkins Security team has multiple missions, with the most visible to users being the publication of advisories. In 2023, the team published 17 advisories: 4 included Jenkins core, and 13 were solely about plugins. In total, 211 vulnerabilities were announced. In terms of reporting trends, we have seen an increase in people reporting CVEs originating from dependencies. Our position on...
Key Takeaways Basil Crow joins the Jenkins Governance Board. A Jenkins Contributor Summit will be held prior to FOSDEM. The Contributor Spotlight site is now live. Contributed by: Mark Waite Basil Crow joins the Jenkins governance board in December 2023. He’ll serve for a two-year term. Thanks to Basil for his willingness to serve. More details of the 2023 governance board and officer changes are available in a...
Key Takeaways JDK21 is available on the infrastructure and in official Docker images too. 💥Breaking change: set Java 17 as default for LTS. Prototype has been removed as of weekly 2.426 Contributed by: Wadeck Follonier Core security advisory published on October 18 https://jenkins.io/security/advisory/2023-10-18/ Includes an essential Jetty update that provided multiple fixes. Plugin security advisory published on October 25 https://jenkins.io/security/advisory/2023-10-25/ Multiple high score vulnerabilities in various plugins During Hacktoberfest, the Content...
Key Takeaways JDK21 is around the corner Contributed by: Wadeck Follonier A plugin security advisory was published on September 6. Security Advisory 2023-09-06 This included multiple high score vulnerabilities in various plugins. A core security advisory was published on September 20. Security Advisory 2023-09-20 Multiple vulnerabilities were corrected in core. This advisory also included fixes for a plugin. Contributed by: Mark Waite Voter registration is now open for the 2023 Jenkins...
Key Takeaways Jenkins project reports growth of 79% in Jenkins Pipeline, used to propel software delivery. Contributed by: Wadeck Follonier Andrea Chiera completed his 3 months internship within the Security team, auditing 100 plugins and finding 20+ vulnerabilities. Summer Internship in Jenkins security Thank you very much for your involvement and also to the team for mentoring him. A Plugin security advisory was published on August...
DevOps World Tour is coming to a city near you with events in multiple locations across the US, UK, and Asia. Jenkins project contributors will be attending and presenting in each city on the tour. Tim Jacomb - London Tim Jacomb will be presenting in London. Tim is a lead software engineer at Kainos and has been the the Jenkins release officer since December...
JFrog has been a sponsor of the Jenkins project for many years. We’re delighted that they continue to sponsor the Jenkins project and continue to provide our artifact hosting service, repo.jenkins-ci.org. Releases, incremental development builds, and snapshots of Jenkins core, Jenkins tooling, Jenkins plugins, and Jenkins infrastructure components are hosted on JFrog Artifactory. The worldwide Jenkins community has been well served for many...
A Jenkins job mistakenly rebuilt the Linux container images for recent Jenkins weekly releases and recent Jenkins LTS releases. Users that downloaded some of those Linux container images received container images that could not run the Jenkins controller. The incorrect container images would fail to run with the message that Jenkins is not supported with Java 8. Running with Java 8 from /usr/lib/jvm/java-1.8-openjdk/jre, which...