The Jenkins Blog

Alyssa Tong

Member of the Jenkins Advocacy and Outreach SIG. Alyssa drives and manages Jenkins participation in community events and conferences like FOSDEM, SCaLE, cdCON, and KubeCon. She is also responsible for Marketing & Community Programs at CloudBees, Inc.

Jenkins September 2023 Newsletter

Key Takeaways JDK21 is around the corner Contributed by: Wadeck Follonier A plugin security advisory was published on September 6. Security Advisory 2023-09-06 This included multiple high score vulnerabilities in various plugins. A core security advisory was published on September 20. Security Advisory 2023-09-20 Multiple vulnerabilities were corrected in core. This advisory also included fixes for a plugin. Contributed by: Mark Waite Voter registration is now open for the 2023 Jenkins...

Damien DUPORTAL
Mark Waite
Bruno Verachten
Wadeck Follonier
Kevin Martens
Alyssa Tong October 12, 2023
Jenkins August 2023 Newsletter

Key Takeaways Jenkins project reports growth of 79% in Jenkins Pipeline, used to propel software delivery. Contributed by: Wadeck Follonier Andrea Chiera completed his 3 months internship within the Security team, auditing 100 plugins and finding 20+ vulnerabilities. Summer Internship in Jenkins security Thank you very much for your involvement and also to the team for mentoring him. A Plugin security advisory was published on August...

Damien DUPORTAL
Mark Waite
Bruno Verachten
Wadeck Follonier
Kevin Martens
Alyssa Tong September 21, 2023
Jenkins July 2023 Newsletter

Key Takeaways A Jenkins Core security advisory was published on July 26 The official documentation has migrated to Java 17 Operating system end of life notifications have been added Contributed by: Wadeck Follonier During July, there were two Security Advisories published: Plugin security advisory published on July 12 Multiple high-score vulnerabilities A total of 16 plugins were affected Jenkins core and plugins security advisory published on July 26 The highest...

Damien DUPORTAL
Mark Waite
Bruno Verachten
Wadeck Follonier
Kevin Martens
Alyssa Tong August 2, 2023
Jenkins May 2023 Newsletter

Key Takeaways Jenkins plugin updates released to fix security vulnerabilities, advisory published on May 16. JDK8 support has been dropped in favor of JDK11 as the default for running Jenkins agents. Ssh-agent release 5.0.0 introduces breaking changes. Contributed by: Wadeck Follonier A Security Policy was added for the Docker images of the project. Due to multiple reports about CVEs present in the Docker images the project...

Alyssa Tong
Damien DUPORTAL
Mark Waite
Bruno Verachten
Wadeck Follonier June 20, 2023
Jenkins 2023 Contributor Award Winners

At cdCon last week in Vancouver, May 8–9, the Jenkins Contributor Award winners were announced along with fifteen (15) other CDF Award winners. This is an annual award program where Jenkins contributors are nominated and voted by their peers within the Jenkins community. Thank you to everyone who nominated and voted and to CDF for hosting this program. And special thanks...

Alyssa Tong May 16, 2023
Jenkins April 2023 Newsletter

Key Takeaways There was one security advisory this month announcing vulnerabilities regarding Jenkins plugins. Cloud Cost Controls with improved resource cleanups and VM usage optimization to face the increased rate of builds on ci.jenkins.io. Thanks to DigitalOcean for their continued support and ($8,400 credit) sponsorship of Jenkins. Ppc64le docker agent images are now available. Jenkins at cdCon + GitOpsCon! Contributed by: Wadeck Follonier In April, there was...

Alyssa Tong
Damien DUPORTAL
Kevin Martens
Mark Waite
Bruno Verachten
Wadeck Follonier May 10, 2023
Welcome Google Summer of Code 2023 Contributors!

On behalf of the Jenkins GSoC org admin team and mentors, we would like to welcome Harsh Pratap Singh, Jagruti Tiwari, Vandit Singh, and Ashutosh Saxena. They will be working on Google Summer of Code projects in the Jenkins organization, and they have already done some contributions. This year we have the following projects: GitLab Plugin modernisation - Cleaning and modernizing the extensively used GitLab plugin. Contributor: Harsh Pratap Singh from...

Alyssa Tong
Jean-Marc Meessen May 4, 2023
Jenkins March 2023 Newsletter

Highlights Jenkins 2.397 and 2.387.2 are both using new Linux repository signing keys. The Pipeline graph view plugin continues to evolve and improve as a Pipeline visualization replacement for Blue Ocean. The number of pull requests merged for jenkins.io crossed into triple digits this month (101). Contributed by: Mark Waite Jenkins' installers for Debian and Red Hat have all been signed with new PGP private...

Alyssa Tong
Damien DUPORTAL
Kevin Martens
Mark Waite
Bruno Verachten
Kevin Guerroudj April 12, 2023
Jenkins February 2023 Newsletter

Highlights FOSDEM 2023 insights Jenkins is a mentor organization for Google Summer of Code Several container image updates Jenkins Awards voting is now open Contributed by: Alyssa Tong FOSDEM 2023 Returning to FOSDEM for the first in-person event since COVID was both exciting and nostalgic for our Jenkins contributors. It was exciting to see the same crowd size and enthusiasm by attendees. Many thanks to the wonderful FOSDEM organizers...

Alyssa Tong
Damien DUPORTAL
Kevin Martens
Mark Waite
Kevin Guerroudj
Bruno Verachten March 9, 2023