From e03332d0c20e2bacbba4e8f80cd3f4830d126035 Mon Sep 17 00:00:00 2001 From: Wadeck Follonier Date: Wed, 23 Feb 2022 09:04:06 +0100 Subject: [PATCH 1/4] Unsuspend publish-over-ssh since 1.24 --- resources/artifact-ignores.properties | 40 ++++++++++++++++++++++++++- 1 file changed, 39 insertions(+), 1 deletion(-) diff --git a/resources/artifact-ignores.properties b/resources/artifact-ignores.properties index 312ed6edc..57e06922e 100644 --- a/resources/artifact-ignores.properties +++ b/resources/artifact-ignores.properties @@ -677,7 +677,45 @@ carbonetes-serverless-container-scanning-and-policy-compliance-1.8.1 # https://www.jenkins.io/security/advisory/2022-01-12/ batch-task = https://www.jenkins.io/security/plugins/#suspensions debian-package-builder = https://www.jenkins.io/security/plugins/#suspensions -publish-over-ssh = https://www.jenkins.io/security/plugins/#suspensions +publish-over-ssh-0.1 +publish-over-ssh-0.2 +publish-over-ssh-0.3 +publish-over-ssh-0.4 +publish-over-ssh-0.5 +publish-over-ssh-0.6 +publish-over-ssh-0.7 +publish-over-ssh-0.8 +publish-over-ssh-0.9 +publish-over-ssh-0.10 +publish-over-ssh-0.11 +publish-over-ssh-0.12 +publish-over-ssh-0.13 +publish-over-ssh-0.14 +publish-over-ssh-1.0 +publish-over-ssh-1.1 +publish-over-ssh-1.2 +publish-over-ssh-1.3 +publish-over-ssh-1.4 +publish-over-ssh-1.5 +publish-over-ssh-1.6 +publish-over-ssh-1.7 +publish-over-ssh-1.8 +publish-over-ssh-1.9 +publish-over-ssh-1.10 +publish-over-ssh-1.11 +publish-over-ssh-1.12 +publish-over-ssh-1.13 +publish-over-ssh-1.14 +publish-over-ssh-1.17 +publish-over-ssh-1.18 +publish-over-ssh-1.19 +publish-over-ssh-1.19.1 +publish-over-ssh-1.20 +publish-over-ssh-1.20.1 +publish-over-ssh-1.21 +publish-over-ssh-1.22 +publish-over-ssh-1.23 +# fixes were proposed since publish-over-ssh-1.24 # https://www.jenkins.io/blog/2021/12/22/deprecated-ruby-runtime/ buddycloud = https://www.jenkins.io/blog/2021/12/22/deprecated-ruby-runtime/ From 215d0613781e2761ff8a1eff2a817828ad626f8d Mon Sep 17 00:00:00 2001 From: Wadeck Follonier Date: Wed, 23 Feb 2022 10:10:27 +0100 Subject: [PATCH 2/4] Adjust warning regex --- resources/warnings.json | 16 ++++++++-------- 1 file changed, 8 insertions(+), 8 deletions(-) diff --git a/resources/warnings.json b/resources/warnings.json index e1858569b..4178c71b4 100644 --- a/resources/warnings.json +++ b/resources/warnings.json @@ -10699,8 +10699,8 @@ "url": "https://www.jenkins.io/security/advisory/2022-01-12/#SECURITY-2287", "versions": [ { - "lastVersion": "1.22", - "pattern": ".*" + "lastVersion": "1.23", + "pattern": "(0|1[.][0-9]|1[.]1[01234789]|1[.]2[0-3])(|[.-].+)" } ] }, @@ -10712,8 +10712,8 @@ "url": "https://www.jenkins.io/security/advisory/2022-01-12/#SECURITY-2290", "versions": [ { - "lastVersion": "1.22", - "pattern": ".*" + "lastVersion": "1.23", + "pattern": "(0|1[.][0-9]|1[.]1[01234789]|1[.]2[0-3])(|[.-].+)" } ] }, @@ -10725,8 +10725,8 @@ "url": "https://www.jenkins.io/security/advisory/2022-01-12/#SECURITY-2291", "versions": [ { - "lastVersion": "1.22", - "pattern": ".*" + "lastVersion": "1.23", + "pattern": "(0|1[.][0-9]|1[.]1[01234789]|1[.]2[0-3])(|[.-].+)" } ] }, @@ -10738,8 +10738,8 @@ "url": "https://www.jenkins.io/security/advisory/2022-01-12/#SECURITY-2307", "versions": [ { - "lastVersion": "1.22", - "pattern": ".*" + "lastVersion": "1.23", + "pattern": "(0|1[.][0-9]|1[.]1[01234789]|1[.]2[0-3])(|[.-].+)" } ] }, From cb619455e958187f46c96509ca60fbf163a7eec0 Mon Sep 17 00:00:00 2001 From: Wadeck Follonier Date: Wed, 23 Feb 2022 10:11:17 +0100 Subject: [PATCH 3/4] Update using Daniel's comment --- resources/artifact-ignores.properties | 40 +-------------------------- 1 file changed, 1 insertion(+), 39 deletions(-) diff --git a/resources/artifact-ignores.properties b/resources/artifact-ignores.properties index 57e06922e..eaa1af0cc 100644 --- a/resources/artifact-ignores.properties +++ b/resources/artifact-ignores.properties @@ -677,45 +677,7 @@ carbonetes-serverless-container-scanning-and-policy-compliance-1.8.1 # https://www.jenkins.io/security/advisory/2022-01-12/ batch-task = https://www.jenkins.io/security/plugins/#suspensions debian-package-builder = https://www.jenkins.io/security/plugins/#suspensions -publish-over-ssh-0.1 -publish-over-ssh-0.2 -publish-over-ssh-0.3 -publish-over-ssh-0.4 -publish-over-ssh-0.5 -publish-over-ssh-0.6 -publish-over-ssh-0.7 -publish-over-ssh-0.8 -publish-over-ssh-0.9 -publish-over-ssh-0.10 -publish-over-ssh-0.11 -publish-over-ssh-0.12 -publish-over-ssh-0.13 -publish-over-ssh-0.14 -publish-over-ssh-1.0 -publish-over-ssh-1.1 -publish-over-ssh-1.2 -publish-over-ssh-1.3 -publish-over-ssh-1.4 -publish-over-ssh-1.5 -publish-over-ssh-1.6 -publish-over-ssh-1.7 -publish-over-ssh-1.8 -publish-over-ssh-1.9 -publish-over-ssh-1.10 -publish-over-ssh-1.11 -publish-over-ssh-1.12 -publish-over-ssh-1.13 -publish-over-ssh-1.14 -publish-over-ssh-1.17 -publish-over-ssh-1.18 -publish-over-ssh-1.19 -publish-over-ssh-1.19.1 -publish-over-ssh-1.20 -publish-over-ssh-1.20.1 -publish-over-ssh-1.21 -publish-over-ssh-1.22 -publish-over-ssh-1.23 -# fixes were proposed since publish-over-ssh-1.24 +# publish-over-ssh => fixes were proposed since publish-over-ssh-1.24, adjust warnings # https://www.jenkins.io/blog/2021/12/22/deprecated-ruby-runtime/ buddycloud = https://www.jenkins.io/blog/2021/12/22/deprecated-ruby-runtime/ From 237ab282e62788c969ab9b24668130ddae0c314a Mon Sep 17 00:00:00 2001 From: Wadeck Follonier Date: Thu, 24 Feb 2022 21:46:14 +0100 Subject: [PATCH 4/4] Update resources/artifact-ignores.properties Co-authored-by: Daniel Beck <1831569+daniel-beck@users.noreply.github.com> --- resources/artifact-ignores.properties | 1 - 1 file changed, 1 deletion(-) diff --git a/resources/artifact-ignores.properties b/resources/artifact-ignores.properties index eaa1af0cc..fdc7e57d4 100644 --- a/resources/artifact-ignores.properties +++ b/resources/artifact-ignores.properties @@ -677,7 +677,6 @@ carbonetes-serverless-container-scanning-and-policy-compliance-1.8.1 # https://www.jenkins.io/security/advisory/2022-01-12/ batch-task = https://www.jenkins.io/security/plugins/#suspensions debian-package-builder = https://www.jenkins.io/security/plugins/#suspensions -# publish-over-ssh => fixes were proposed since publish-over-ssh-1.24, adjust warnings # https://www.jenkins.io/blog/2021/12/22/deprecated-ruby-runtime/ buddycloud = https://www.jenkins.io/blog/2021/12/22/deprecated-ruby-runtime/