Uploaded image for project: 'Jenkins'
  1. Jenkins
  2. JENKINS-38978

Plugin needs updating to address SECURITY-170

    Details

    • Type: Bug
    • Status: Resolved (View Workflow)
    • Priority: Critical
    • Resolution: Fixed
    • Component/s: maven-metadata-plugin
    • Labels:
      None
    • Environment:
      Jenkins ver. 1.656
      maven-metadata-plugin 1.5.0
    • Similar Issues:

      Description

      Version 1.7 of the Matrix Project Plugin

      JENKINS-34758 Parameters visibility in child builds (related to SECURITY-170)

      Broke the maven-metadata-plugin in that the parameters are no longer passed down to child matrix jobs.

      https://wiki.jenkins-ci.org/display/JENKINS/Plugins+affected+by+fix+for+SECURITY-170

        Attachments

          Issue Links

            Activity

            emoshaya_cognitoiq Ebrahim Moshaya created issue -
            emoshaya_cognitoiq Ebrahim Moshaya made changes -
            Field Original Value New Value
            Description Version 1.7 of the [Matrix Project Plugin|https://wiki.jenkins-ci.org/display/JENKINS/Matrix+Project+Plugin]

            JENKINS-34758 Parameters visibility in child builds (related to SECURITY-170)

            Broke the maven-metadata-plugin in that the parameters are no longer passed down to child matrix jobs.
            Version 1.7 of the [Matrix Project Plugin|https://wiki.jenkins-ci.org/display/JENKINS/Matrix+Project+Plugin]

            JENKINS-34758 Parameters visibility in child builds (related to SECURITY-170)

            Broke the maven-metadata-plugin in that the parameters are no longer passed down to child matrix jobs.

            https://wiki.jenkins-ci.org/display/JENKINS/Plugins+affected+by+fix+for+SECURITY-170
            marcrohlfs Marc Rohlfs made changes -
            Assignee Gesh Markov [ gesh ] Marc Rohlfs [ marcrohlfs ]
            marcrohlfs Marc Rohlfs made changes -
            Status Open [ 1 ] In Progress [ 3 ]
            Hide
            scm_issue_link SCM/JIRA link daemon added a comment -

            Code changed in jenkins
            User: Marc Rohlfs
            Path:
            pom.xml
            src/dev/assets/work/jobs/test-freestyle/config.xml
            src/dev/assets/work/jobs/test-freestyle/currentArtifactInfo.txt
            src/dev/assets/work/jobs/test-matrix/config.xml
            src/dev/assets/work/jobs/test-matrix/currentArtifactInfo.txt
            src/dev/assets/work/jobs/testjob/config.xml
            src/dev/assets/work/jobs/testjob/currentArtifactInfo.txt
            http://jenkins-ci.org/commit/maven-metadata-plugin/b7609bbd7ab675995b5116eaec95281ee071be51
            Log:
            JENKINS-38978 Reproduce param passing problem in matrix projects

            The reproduction of the parameters not being passed to child jobs in
            multi-configuration projects requires:

            • adding a new test-matrix job for the dev environment
            • upgrading to Jenkins 1.609
            • adding the matrix-project plugin (in test scope) with version 1.7
            • upgrading the credentials plugin to 1.14

            The freestyle test job for the development workspace was renamed and
            improved, too.

            Show
            scm_issue_link SCM/JIRA link daemon added a comment - Code changed in jenkins User: Marc Rohlfs Path: pom.xml src/dev/assets/work/jobs/test-freestyle/config.xml src/dev/assets/work/jobs/test-freestyle/currentArtifactInfo.txt src/dev/assets/work/jobs/test-matrix/config.xml src/dev/assets/work/jobs/test-matrix/currentArtifactInfo.txt src/dev/assets/work/jobs/testjob/config.xml src/dev/assets/work/jobs/testjob/currentArtifactInfo.txt http://jenkins-ci.org/commit/maven-metadata-plugin/b7609bbd7ab675995b5116eaec95281ee071be51 Log: JENKINS-38978 Reproduce param passing problem in matrix projects The reproduction of the parameters not being passed to child jobs in multi-configuration projects requires: adding a new test-matrix job for the dev environment upgrading to Jenkins 1.609 adding the matrix-project plugin (in test scope) with version 1.7 upgrading the credentials plugin to 1.14 The freestyle test job for the development workspace was renamed and improved, too.
            Hide
            scm_issue_link SCM/JIRA link daemon added a comment -

            Code changed in jenkins
            User: Marc Rohlfs
            Path:
            README.md
            pom.xml
            http://jenkins-ci.org/commit/maven-metadata-plugin/cfbbacc030ebc1601ace16f8a26deffd0c6af04b
            Log:
            JENKINS-38978 Update to Jenkins 2

            The plugin parent was updated to the latest version 3.2. This will
            finally remove support for Jenkins 1.x - which now is quite old enough
            not to be supported anymore - and thus implies bumping to a new major
            version of this plugin.

            The Jenkins version was set to 2.32.1 so that the plugin can be
            updated to the new version even on older Jenkins installations (up to
            about a year of age).

            The new parent POM requires (or at least encourage) seveal changes to
            the project POM:

            • The Java level was set to 8.
            • The parent POM enforces the Maven version, hence ``prerequisites``
              is obsolete.
            • ``description`` and ``inceptionYear`` from the parent POM should be
              overridden.
            • The ``url`` ws applied to jenkins.io.
            • Some properties and plugin configurations have been removed, because
              they are already configured in the parent POM.
            Show
            scm_issue_link SCM/JIRA link daemon added a comment - Code changed in jenkins User: Marc Rohlfs Path: README.md pom.xml http://jenkins-ci.org/commit/maven-metadata-plugin/cfbbacc030ebc1601ace16f8a26deffd0c6af04b Log: JENKINS-38978 Update to Jenkins 2 The plugin parent was updated to the latest version 3.2 . This will finally remove support for Jenkins 1.x - which now is quite old enough not to be supported anymore - and thus implies bumping to a new major version of this plugin. The Jenkins version was set to 2.32.1 so that the plugin can be updated to the new version even on older Jenkins installations (up to about a year of age). The new parent POM requires (or at least encourage) seveal changes to the project POM: The Java level was set to 8 . The parent POM enforces the Maven version, hence ``prerequisites`` is obsolete. ``description`` and ``inceptionYear`` from the parent POM should be overridden. The ``url`` ws applied to jenkins.io . Some properties and plugin configurations have been removed, because they are already configured in the parent POM.
            Hide
            scm_issue_link SCM/JIRA link daemon added a comment -

            Code changed in jenkins
            User: Marc Rohlfs
            Path:
            src/main/resources/eu/markov/jenkins/plugin/mvnmeta/MavenMetadataParameterDefinition/config.jelly
            src/main/resources/eu/markov/jenkins/plugin/mvnmeta/MavenMetadataParameterDefinition/index.jelly
            src/main/resources/eu/markov/jenkins/plugin/mvnmeta/MavenMetadataParameterValue/value.jelly
            src/main/resources/index.jelly
            http://jenkins-ci.org/commit/maven-metadata-plugin/68b2aa91cf0bdc4986a8da366d762d588b6ab18a
            Log:
            JENKINS-38978 Fix tests

            After the Parent POM (and Jenkins) upgrade, the tests now require the
            additional header ``<?jelly escape-by-default='true'?>`` in the Jelly
            template files.

            Show
            scm_issue_link SCM/JIRA link daemon added a comment - Code changed in jenkins User: Marc Rohlfs Path: src/main/resources/eu/markov/jenkins/plugin/mvnmeta/MavenMetadataParameterDefinition/config.jelly src/main/resources/eu/markov/jenkins/plugin/mvnmeta/MavenMetadataParameterDefinition/index.jelly src/main/resources/eu/markov/jenkins/plugin/mvnmeta/MavenMetadataParameterValue/value.jelly src/main/resources/index.jelly http://jenkins-ci.org/commit/maven-metadata-plugin/68b2aa91cf0bdc4986a8da366d762d588b6ab18a Log: JENKINS-38978 Fix tests After the Parent POM (and Jenkins) upgrade, the tests now require the additional header ``<?jelly escape-by-default='true'?>`` in the Jelly template files.
            Hide
            scm_issue_link SCM/JIRA link daemon added a comment -

            Code changed in jenkins
            User: Marc Rohlfs
            Path:
            src/main/lombok/eu/markov/jenkins/plugin/mvnmeta/MavenMetadataParameterDefinitionBackwardCompatibility.java
            src/main/lombok/eu/markov/jenkins/plugin/mvnmeta/MavenMetadataParameterValue.java
            src/main/lombok/eu/markov/jenkins/plugin/mvnmeta/MavenMetadataRebuildParameterProvider.java
            http://jenkins-ci.org/commit/maven-metadata-plugin/4e6375713fe819d45b7ec460d911bf1c79b5d953
            Log:
            JENKINS-38978 Fix Javadoc generation errors

            In the MavenMetadataParameterDefinitionBackwardCompatibility class,
            the required getters had to be implemented manually, because otherwise
            Lombok copies the fields' Javadoc comment and generates the getter with
            broken Javadoc.

            Show
            scm_issue_link SCM/JIRA link daemon added a comment - Code changed in jenkins User: Marc Rohlfs Path: src/main/lombok/eu/markov/jenkins/plugin/mvnmeta/MavenMetadataParameterDefinitionBackwardCompatibility.java src/main/lombok/eu/markov/jenkins/plugin/mvnmeta/MavenMetadataParameterValue.java src/main/lombok/eu/markov/jenkins/plugin/mvnmeta/MavenMetadataRebuildParameterProvider.java http://jenkins-ci.org/commit/maven-metadata-plugin/4e6375713fe819d45b7ec460d911bf1c79b5d953 Log: JENKINS-38978 Fix Javadoc generation errors In the MavenMetadataParameterDefinitionBackwardCompatibility class, the required getters had to be implemented manually, because otherwise Lombok copies the fields' Javadoc comment and generates the getter with broken Javadoc.
            Hide
            scm_issue_link SCM/JIRA link daemon added a comment -

            Code changed in jenkins
            User: Marc Rohlfs
            Path:
            src/main/lombok/eu/markov/jenkins/plugin/mvnmeta/MavenMetadataParameterDefinition.java
            http://jenkins-ci.org/commit/maven-metadata-plugin/c68fedad11ecf292385f8d40155534c282c1d44c
            Log:
            JENKINS-38978 Prevent FindBugs errors

            Show
            scm_issue_link SCM/JIRA link daemon added a comment - Code changed in jenkins User: Marc Rohlfs Path: src/main/lombok/eu/markov/jenkins/plugin/mvnmeta/MavenMetadataParameterDefinition.java http://jenkins-ci.org/commit/maven-metadata-plugin/c68fedad11ecf292385f8d40155534c282c1d44c Log: JENKINS-38978 Prevent FindBugs errors
            Hide
            scm_issue_link SCM/JIRA link daemon added a comment -

            Code changed in jenkins
            User: Marc Rohlfs
            Path:
            src/main/lombok/eu/markov/jenkins/plugin/mvnmeta/MavenMetadataParameterDefinition.java
            src/main/lombok/eu/markov/jenkins/plugin/mvnmeta/MavenMetadataParameterDefinitionBackwardCompatibility.java
            src/main/lombok/eu/markov/jenkins/plugin/mvnmeta/MavenMetadataParameterValue.java
            src/test/java/eu/markov/jenkins/plugin/mvnmeta/MavenMetadataParameterDefinitionBackwardCompatibilityTest.java
            src/test/java/eu/markov/jenkins/plugin/mvnmeta/MavenMetadataParameterDefinitionTest.java
            http://jenkins-ci.org/commit/maven-metadata-plugin/2ba426f0fb442192b9e875b6fcf09f9af506583c
            Log:
            JENKINS-38978 Eliminate usages of deprecated API

            Compare: https://github.com/jenkinsci/maven-metadata-plugin/compare/b7609bbd7ab6^...2ba426f0fb44

            Show
            scm_issue_link SCM/JIRA link daemon added a comment - Code changed in jenkins User: Marc Rohlfs Path: src/main/lombok/eu/markov/jenkins/plugin/mvnmeta/MavenMetadataParameterDefinition.java src/main/lombok/eu/markov/jenkins/plugin/mvnmeta/MavenMetadataParameterDefinitionBackwardCompatibility.java src/main/lombok/eu/markov/jenkins/plugin/mvnmeta/MavenMetadataParameterValue.java src/test/java/eu/markov/jenkins/plugin/mvnmeta/MavenMetadataParameterDefinitionBackwardCompatibilityTest.java src/test/java/eu/markov/jenkins/plugin/mvnmeta/MavenMetadataParameterDefinitionTest.java http://jenkins-ci.org/commit/maven-metadata-plugin/2ba426f0fb442192b9e875b6fcf09f9af506583c Log: JENKINS-38978 Eliminate usages of deprecated API Compare: https://github.com/jenkinsci/maven-metadata-plugin/compare/b7609bbd7ab6 ^...2ba426f0fb44
            marcrohlfs Marc Rohlfs made changes -
            Status In Progress [ 3 ] In Review [ 10005 ]
            marcrohlfs Marc Rohlfs made changes -
            Assignee Marc Rohlfs [ marcrohlfs ] Ebrahim Moshaya [ emoshaya_cognitoiq ]
            Hide
            marcrohlfs Marc Rohlfs added a comment -

            Hi Ebrahim Moshaya,

            my PR is now ready for review: maven-metadata-plugin#14

            Kind regards

            Marc

            Show
            marcrohlfs Marc Rohlfs added a comment - Hi  Ebrahim Moshaya , my PR is now ready for review:  maven-metadata-plugin#14 Kind regards Marc
            marcrohlfs Marc Rohlfs made changes -
            Link This issue is blocking JENKINS-38619 [ JENKINS-38619 ]
            Hide
            scm_issue_link SCM/JIRA link daemon added a comment -

            Code changed in jenkins
            User: Marc Rohlfs
            Path:
            README.md
            http://jenkins-ci.org/commit/maven-metadata-plugin/550f288a5571cc7208bf96b11eaeae931c78187e
            Log:
            JENKINS-38978 Adjust Jenkins version in README

            Show
            scm_issue_link SCM/JIRA link daemon added a comment - Code changed in jenkins User: Marc Rohlfs Path: README.md http://jenkins-ci.org/commit/maven-metadata-plugin/550f288a5571cc7208bf96b11eaeae931c78187e Log: JENKINS-38978 Adjust Jenkins version in README
            Hide
            scm_issue_link SCM/JIRA link daemon added a comment -

            Code changed in jenkins
            User: Marc Rohlfs
            Path:
            Jenkinsfile
            README.md
            pom.xml
            src/dev/assets/work/jobs/test-freestyle/config.xml
            src/dev/assets/work/jobs/test-freestyle/currentArtifactInfo.txt
            src/dev/assets/work/jobs/test-matrix/config.xml
            src/dev/assets/work/jobs/test-matrix/currentArtifactInfo.txt
            src/dev/assets/work/jobs/testjob/config.xml
            src/dev/assets/work/jobs/testjob/currentArtifactInfo.txt
            src/main/lombok/eu/markov/jenkins/plugin/mvnmeta/MavenMetadataParameterDefinition.java
            src/main/lombok/eu/markov/jenkins/plugin/mvnmeta/MavenMetadataParameterDefinitionBackwardCompatibility.java
            src/main/lombok/eu/markov/jenkins/plugin/mvnmeta/MavenMetadataParameterValue.java
            src/main/lombok/eu/markov/jenkins/plugin/mvnmeta/MavenMetadataRebuildParameterProvider.java
            src/main/resources/eu/markov/jenkins/plugin/mvnmeta/MavenMetadataParameterDefinition/config.jelly
            src/main/resources/eu/markov/jenkins/plugin/mvnmeta/MavenMetadataParameterDefinition/index.jelly
            src/main/resources/eu/markov/jenkins/plugin/mvnmeta/MavenMetadataParameterValue/value.jelly
            src/main/resources/index.jelly
            src/test/java/eu/markov/jenkins/plugin/mvnmeta/MavenMetadataParameterDefinitionBackwardCompatibilityTest.java
            src/test/java/eu/markov/jenkins/plugin/mvnmeta/MavenMetadataParameterDefinitionTest.java
            http://jenkins-ci.org/commit/maven-metadata-plugin/8f52ababfa1815ad120b6e0391bc1213a1daddf9
            Log:
            Merge pull request #14 from jenkinsci/feature/JENKINS-38978_update-versions

            JENKINS-38978 Plugin needs updating to address SECURITY-170

            Compare: https://github.com/jenkinsci/maven-metadata-plugin/compare/cc341d17e855...8f52ababfa18

            Show
            scm_issue_link SCM/JIRA link daemon added a comment - Code changed in jenkins User: Marc Rohlfs Path: Jenkinsfile README.md pom.xml src/dev/assets/work/jobs/test-freestyle/config.xml src/dev/assets/work/jobs/test-freestyle/currentArtifactInfo.txt src/dev/assets/work/jobs/test-matrix/config.xml src/dev/assets/work/jobs/test-matrix/currentArtifactInfo.txt src/dev/assets/work/jobs/testjob/config.xml src/dev/assets/work/jobs/testjob/currentArtifactInfo.txt src/main/lombok/eu/markov/jenkins/plugin/mvnmeta/MavenMetadataParameterDefinition.java src/main/lombok/eu/markov/jenkins/plugin/mvnmeta/MavenMetadataParameterDefinitionBackwardCompatibility.java src/main/lombok/eu/markov/jenkins/plugin/mvnmeta/MavenMetadataParameterValue.java src/main/lombok/eu/markov/jenkins/plugin/mvnmeta/MavenMetadataRebuildParameterProvider.java src/main/resources/eu/markov/jenkins/plugin/mvnmeta/MavenMetadataParameterDefinition/config.jelly src/main/resources/eu/markov/jenkins/plugin/mvnmeta/MavenMetadataParameterDefinition/index.jelly src/main/resources/eu/markov/jenkins/plugin/mvnmeta/MavenMetadataParameterValue/value.jelly src/main/resources/index.jelly src/test/java/eu/markov/jenkins/plugin/mvnmeta/MavenMetadataParameterDefinitionBackwardCompatibilityTest.java src/test/java/eu/markov/jenkins/plugin/mvnmeta/MavenMetadataParameterDefinitionTest.java http://jenkins-ci.org/commit/maven-metadata-plugin/8f52ababfa1815ad120b6e0391bc1213a1daddf9 Log: Merge pull request #14 from jenkinsci/feature/ JENKINS-38978 _update-versions JENKINS-38978 Plugin needs updating to address SECURITY-170 Compare: https://github.com/jenkinsci/maven-metadata-plugin/compare/cc341d17e855...8f52ababfa18
            marcrohlfs Marc Rohlfs made changes -
            Assignee Ebrahim Moshaya [ emoshaya_cognitoiq ] Marc Rohlfs [ marcrohlfs ]
            marcrohlfs Marc Rohlfs made changes -
            Remote Link This issue links to "Pull Request 14 (Web Link)" [ 19744 ]
            marcrohlfs Marc Rohlfs made changes -
            Status In Review [ 10005 ] Resolved [ 5 ]
            Resolution Fixed [ 1 ]
            Hide
            marcrohlfs Marc Rohlfs added a comment -

            Released with version 2.0.0

            Show
            marcrohlfs Marc Rohlfs added a comment - Released with version 2.0.0

              People

              • Assignee:
                marcrohlfs Marc Rohlfs
                Reporter:
                emoshaya_cognitoiq Ebrahim Moshaya
              • Votes:
                0 Vote for this issue
                Watchers:
                3 Start watching this issue

                Dates

                • Created:
                  Updated:
                  Resolved: