Releases: jenkinsci/credentials-binding-plugin
Releases · jenkinsci/credentials-binding-plugin
604.vb_64480b_c56ca_
🔒 Security
- Security improvement: Apply credentials masking in "push" mode for steps from Pipeline: Nodes and Processes even when plugins call
SecretPatterns#getAggregateSecretPatternfrom an agent, which is unsupported. See SECURITY-3075 in the 2023-04-12 security advisory. This is not a security fix but it mitigates the impact of security vulnerabilities in other plugins. This is the same improvement that was originally published in 523.525.vb_72269281873.
📦 Dependency updates
- Bump plugin from 4.58 to 4.59 (#238) @dependabot
- Bump plugin from 4.57 to 4.58 (#236) @dependabot
Contributors
dependabot
Assets 2
523.525.vb_72269281873
🔒 Security
- Security improvement: Apply credentials masking in "push" mode for steps from Pipeline: Nodes and Processes even when plugins call
SecretPatterns#getAggregateSecretPatternfrom an agent, which is unsupported. See SECURITY-3075 in the 2023-04-12 security advisory. This is not a security fix but it mitigates the impact of security vulnerabilities in other plugins.
523.vd859a_4b_122e6
👷 Changes for plugin developers
👻 Maintenance
- Use WorkspaceList.tempDir (#156) @offa
- Code improvements, some deprecated API calls replaced and JSR 305 removed (#150) @offa
- Use
java.nio.charset.StandardCharsetswhere possible (#145) @basil
📦 Dependency updates
21 changes
- Update POM & BOM, test on Java 17 (#175) @jglick
- Bump bom-2.319.x from 1210.vcd41f6657f03 to 1246.va_b_50630c1d19 (#172) @dependabot
- Bump plugin from 4.38 to 4.39 (#171) @dependabot
- Integration test of
Credentials.forRun(#169) @jglick - Bump plugin from 4.37 to 4.38 (#168) @dependabot
- Bump plugin from 4.35 to 4.37 (#167) @dependabot
- Bump plugin from 4.34 to 4.35 (#166) @dependabot
- Bump plugin from 4.33 to 4.34 (#165) @dependabot
- Bump xmlunit-matchers from 2.8.4 to 2.9.0 (#164) @dependabot
- Update parent, baseline, BOM (#163) @jglick
- Bump plugin from 4.31 to 4.32 (#160) @dependabot
- Bump git-changelist-maven-extension from 1.2 to 1.3 (#161) @dependabot
- Bump xmlunit-matchers from 2.8.3 to 2.8.4 (#159) @dependabot
- Bump plugin from 4.29 to 4.31 (#158) @dependabot
- Bump xmlunit-matchers from 2.8.2 to 2.8.3 (#154) @dependabot
- Bump plugin from 4.28 to 4.29 (#155) @dependabot
- Bump plugin from 4.25 to 4.28 (#153) @dependabot
- Bump plugin from 4.24 to 4.25 (#151) @dependabot
- Bump bom-2.235.x from 887.vae9c8ac09ff7 to 918.vae501d2cdc99 (#148) @dependabot
- Bump plugin from 4.21 to 4.24 (#149) @dependabot
- Bump plugin from 4.19 to 4.21 (#147) @dependabot
Contributors
basil, jglick, and 2 other contributors
Assets 2
1.27
🐛 Bug fixes
- Do not suggest
passphraseVariable: '', usernameVariable: ''in snippet generator (#144) @jglick - JENKINS-64361 - Make fix for JENKINS-44860 - apply to Pipeline step arguments as well (take II) (#143) @jglick
📦 Dependency updates
- Bump git-changelist-maven-extension from 1.0-beta-7 to 1.2 (#142) @dependabot
- Bump bom-2.235.x from 872.v03c18fa35487 to 887.vae9c8ac09ff7 (#140) @dependabot
1.26
🚀 New features and improvements
📦 Dependency updates
- Bump bom-2.235.x from 841.vd6e713d848ab to 872.v03c18fa35487 (#137) @dependabot
- Bump bom-2.235.x from 831.v9814430e6383 to 841.vd6e713d848ab (#136) @dependabot
👻 Maintenance
1.25
🚀 New features and improvements
- JENKINS-44860 - Honor secret setting for username (#132) @jglick
📦 Dependency updates
- Bump plugin from 4.18 to 4.19 (#135) @dependabot
- Bump bom-2.235.x from 807.v6d348e44c987 to 831.v9814430e6383 (#134) @dependabot
- Bump bom-2.235.x from 29 to 807.v6d348e44c987 (#133) @dependabot
- Bump authorize-project from 1.3.0 to 1.4.0 and update to 2.235.x line (#125) @dependabot
- Bump plugin from 4.17 to 4.18 (#127) @dependabot
- Bump plugin from 4.16 to 4.17 (#126) @dependabot
- Bump plugin from 4.15 to 4.16 (#124) @dependabot
- Bump xmlunit-matchers from 2.8.1 to 2.8.2 (#123) @dependabot
- Bump plugin from 4.14 to 4.15 (#122) @dependabot
- Bump plugin from 4.13 to 4.14 (#121) @dependabot
- Bump xmlunit-matchers from 2.8.0 to 2.8.1 (#119) @dependabot
- Bump plugin from 4.12 to 4.13 (#118) @dependabot
- Bump xmlunit-matchers from 2.7.0 to 2.8.0 (#117) @dependabot
- Bump bom-2.176.x from 15 to 16 (#116) @dependabot
- Bump plugin from 4.10 to 4.12 (#113) @dependabot
- Bump bom-2.176.x from 13 to 15 (#114) @dependabot
📝 Documentation updates
- Improve interpolation documentation and changelog references (#130) @daniel-beck
- JENKINS-65398 - Terminology update (#128) @twasyl
- Update documentation link. (#120) @jeffret-b
👻 Maintenance
maven-windowsagents seem broken (#129) @jglick- Update Dependabot config file (#115) @dependabot
1.24
🚀 New features and improvements
- JENKINS-63254 - JENKINS-47101 - Watch sensitive variables (#105) @car-roll
📦 Dependency updates
- Bump plugin from 4.9 to 4.10 (#112) @dependabot
- Bump plugin from 4.7 to 4.9 (#111) @dependabot
- Bump plugin from 4.6 to 4.7 (#108) @dependabot
- Bump plugin from 4.4 to 4.6 (#106) @dependabot
- Bump plugin from 4.3 to 4.4 (#102) @dependabot
- Bump plugin from 4.2 to 4.3 (#101) @dependabot
- Bump bom-2.164.x from 9 to 10 (#100) @dependabot
- Bump plugin from 4.1 to 4.2 (#98) @dependabot
- Bump xmlunit-matchers from 2.6.4 to 2.7.0 (#99) @dependabot
📝 Documentation updates
- Highlight importance of using single-quotes. (#110) @jeffret-b
- Replace 'slave' with 'agent' in README and help text (#103) @dwnusbaum
1.22
📦 Dependency updates
- Bump plugin from 3.57 to 4.1 (#97) @dependabot
- 2.164.x (#94) @jglick
- Bump bom-2.150.x from 6 to 7 (#93) @dependabot
- Bump plugin from 3.56 to 3.57 (#89) @dependabot
- Bump bom-2.150.x from 5 to 6 (#91) @dependabot
- Bump xmlunit-matchers from 2.6.3 to 2.6.4 (#90) @dependabot
📝 Documentation updates
- Add some documentation about not masking multi-line secrets. (#92) @jeffret-b
1.21
📦 Dependency updates
- Updates (#87) @jglick
- Bump plain-credentials from 1.3 to 1.7 (#84) @dependabot
- Bump bom-2.150.x from 4 to 5 (#82) @dependabot
- Bump bom-2.150.x from 3 to 4 (#77) @dependabot
- Bump plugin from 3.49 to 3.50 (#74) @dependabot
- Bump io.jenkins.tools.bom:bom from 2.150.1 to 2.150.2 (#73) @dependabot
- Bump plugin from 3.48 to 3.49 (#70) @dependabot
📝 Documentation updates
1.20
🚀 New features and improvements
📦 Dependency updates
- Bump authorize-project from 1.1.0 to 1.3.0 (#67) @dependabot-preview
- Bump xmlunit-matchers from 2.2.0 to 2.6.3 (#68) @dependabot-preview
- Bump plugin from 3.47 to 3.48 (#64) @dependabot-preview
- Using BOM (#62) @jglick