-
Notifications
You must be signed in to change notification settings - Fork 103
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
[JENKINS-63350] update pac4j to 3.9.0 #90
Changes from all commits
5786d35
68aaa10
76b6c1a
ffadcb1
579a46c
8ad3af6
5188258
1beb7e3
81b5bb7
867faa0
e15c310
867464d
9810e6e
aa2a2f1
cb0a8f6
1b22692
7c7a310
File filter
Filter by extension
Conversations
Jump to
Diff view
Diff view
There are no files selected for viewing
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -1,15 +1,16 @@ | ||
//def buildConfiguration = buildPlugin.recommendedConfigurations() | ||
|
||
def lts = "2.176.1" | ||
def weekly = "2.199" | ||
def lts = "2.249.3" | ||
def buildConfiguration = [ | ||
[ platform: "linux", jdk: "8", jenkins: lts, javaLevel: "8" ], | ||
[ platform: "windows", jdk: "8", jenkins: lts, javaLevel: "8" ], | ||
[ platform: "linux", jdk: "11", jenkins: lts, javaLevel: "8" ], | ||
[ platform: "windows", jdk: "11", jenkins: lts, javaLevel: "8" ], | ||
/* | ||
[ platform: "linux", jdk: "8", jenkins: lts ], | ||
[ platform: "windows", jdk: "8", jenkins: lts ], | ||
[ platform: "linux", jdk: "11", jenkins: lts ], | ||
[ platform: "windows", jdk: "11", jenkins: lts ], | ||
*/ | ||
// Also build on recent weekly | ||
// [ platform: "linux", jdk: "11", jenkins: weekly, javaLevel: "8" ], | ||
// [ platform: "windows", jdk: "11", jenkins: weekly, javaLevel: "8" ] | ||
[ platform: "linux", jdk: "11" ], | ||
[ platform: "windows", jdk: "11" ] | ||
] | ||
|
||
buildPlugin(configurations: buildConfiguration) |
Original file line number | Diff line number | Diff line change |
---|---|---|
|
@@ -25,7 +25,7 @@ under the License. | |
<parent> | ||
<groupId>org.jenkins-ci.plugins</groupId> | ||
<artifactId>plugin</artifactId> | ||
<version>3.55</version> | ||
<version>4.3</version> | ||
</parent> | ||
|
||
<artifactId>saml</artifactId> | ||
|
@@ -42,9 +42,9 @@ under the License. | |
</scm> | ||
|
||
<properties> | ||
<revision>1.1.8</revision> | ||
<revision>2.0.0</revision> | ||
<changelist>-SNAPSHOT</changelist> | ||
<jenkins.version>2.176.1</jenkins.version> | ||
<jenkins.version>2.266</jenkins.version> | ||
<java.level>8</java.level> | ||
<jcasc.version>1.35</jcasc.version> | ||
</properties> | ||
|
@@ -90,8 +90,26 @@ under the License. | |
<dependency> | ||
<groupId>org.pac4j</groupId> | ||
<artifactId>pac4j-saml</artifactId> | ||
<version>1.9.9</version> | ||
<!-- versions 4.x.x require JDK 11 --> | ||
There was a problem hiding this comment. Choose a reason for hiding this commentThe reason will be displayed to describe this comment to others. Learn more. Then set There was a problem hiding this comment. Choose a reason for hiding this commentThe reason will be displayed to describe this comment to others. Learn more. I think is fine, 3.9.0 was released a few days ago |
||
<version>3.9.0</version> | ||
<optional>false</optional> | ||
<exclusions> | ||
<exclusion> | ||
<groupId>org.springframework</groupId> | ||
<artifactId>spring-beans</artifactId> | ||
There was a problem hiding this comment. Choose a reason for hiding this commentThe reason will be displayed to describe this comment to others. Learn more. You may need to exclude more. Pay attention to what gets bundled in the There was a problem hiding this comment. Choose a reason for hiding this commentThe reason will be displayed to describe this comment to others. Learn more. yep, there is a bunch of transitive dependencies that can be removed There was a problem hiding this comment. Choose a reason for hiding this commentThe reason will be displayed to describe this comment to others. Learn more. is there any way to acknowledge(remove the warnings) the dependencies? there are some warnings that come from the hpi plugin, but those dependencies are needed and I do not want to add all those dependencies manually to the plugin pom. There was a problem hiding this comment. Choose a reason for hiding this commentThe reason will be displayed to describe this comment to others. Learn more.
Yes but do not do that.
You can There was a problem hiding this comment. Choose a reason for hiding this commentThe reason will be displayed to describe this comment to others. Learn more. I have excluded all that are not needed or are already in the Jenkins Core. so I guess that either I add these libraries to the pom or I live with these warnings
There was a problem hiding this comment. Choose a reason for hiding this commentThe reason will be displayed to describe this comment to others. Learn more. I will live with the warnings to remove them I have to add more than 300 no-sense lines to the pom to manage these dependencies manually. |
||
</exclusion> | ||
<exclusion> | ||
<groupId>org.springframework</groupId> | ||
<artifactId>spring-jdbc</artifactId> | ||
</exclusion> | ||
<exclusion> | ||
<groupId>org.springframework</groupId> | ||
<artifactId>spring-orm</artifactId> | ||
</exclusion> | ||
<exclusion> | ||
<groupId>org.springframework</groupId> | ||
<artifactId>spring-tx</artifactId> | ||
</exclusion> | ||
<exclusion> | ||
<groupId>org.springframework</groupId> | ||
<artifactId>spring-core</artifactId> | ||
|
@@ -104,17 +122,65 @@ under the License. | |
<groupId>org.slf4j</groupId> | ||
<artifactId>jcl-over-slf4j</artifactId> | ||
</exclusion> | ||
<exclusion> | ||
<groupId>org.bouncycastle</groupId> | ||
<artifactId>bcprov-jdk15on</artifactId> | ||
</exclusion> | ||
<exclusion> | ||
<groupId>org.dom4j</groupId> | ||
<artifactId>dom4j</artifactId> | ||
</exclusion> | ||
<exclusion> | ||
<groupId>commons-codec</groupId> | ||
<artifactId>commons-codec</artifactId> | ||
</exclusion> | ||
<exclusion> | ||
<groupId>org.bouncycastle</groupId> | ||
<artifactId>bcprov-jdk15on</artifactId> | ||
<groupId>antlr</groupId> | ||
<artifactId>antlr</artifactId> | ||
</exclusion> | ||
<exclusion> | ||
<groupId>org.hibernate</groupId> | ||
<artifactId>hibernate-core</artifactId> | ||
</exclusion> | ||
<exclusion> | ||
<groupId>org.hibernate.javax.persistence</groupId> | ||
<artifactId>hibernate-jpa-2.1-api</artifactId> | ||
</exclusion> | ||
<exclusion> | ||
<groupId>org.hibernate</groupId> | ||
<artifactId>hibernate-entitymanager</artifactId> | ||
</exclusion> | ||
<exclusion> | ||
<groupId>org.hibernate</groupId> | ||
<artifactId>hibernate-commons-annotations</artifactId> | ||
</exclusion> | ||
<exclusion> | ||
<groupId>commons-collections</groupId> | ||
<artifactId>commons-collections</artifactId> | ||
</exclusion> | ||
<exclusion> | ||
<groupId>commons-io</groupId> | ||
<artifactId>commons-io</artifactId> | ||
</exclusion> | ||
<exclusion> | ||
<groupId>commons-codec</groupId> | ||
<artifactId>commons-codec</artifactId> | ||
</exclusion> | ||
<exclusion> | ||
<groupId>org.apache.httpcomponents</groupId> | ||
<artifactId>httpclient</artifactId> | ||
<groupId>com.google.guava</groupId> | ||
<artifactId>guava</artifactId> | ||
</exclusion> | ||
<exclusion> | ||
<groupId>xalan</groupId> | ||
<artifactId>xalan</artifactId> | ||
</exclusion> | ||
<exclusion> | ||
<groupId>jakarta.activation</groupId> | ||
<artifactId>jakarta.activation-api</artifactId> | ||
</exclusion> | ||
<exclusion> | ||
<groupId>javax.annotation</groupId> | ||
<artifactId>javax.annotation-api</artifactId> | ||
</exclusion> | ||
</exclusions> | ||
</dependency> | ||
|
@@ -129,21 +195,6 @@ under the License. | |
<artifactId>bouncycastle-api</artifactId> | ||
<version>2.18</version> | ||
</dependency> | ||
<dependency> | ||
<groupId>net.shibboleth.utilities</groupId> | ||
<artifactId>java-support</artifactId> | ||
<version>7.2.0</version> | ||
<exclusions> | ||
<exclusion> | ||
<groupId>commons-codec</groupId> | ||
<artifactId>commons-codec</artifactId> | ||
</exclusion> | ||
<exclusion> | ||
<groupId>org.slf4j</groupId> | ||
<artifactId>slf4j-api</artifactId> | ||
</exclusion> | ||
</exclusions> | ||
</dependency> | ||
<dependency> | ||
<groupId>org.mockito</groupId> | ||
<artifactId>mockito-core</artifactId> | ||
|
@@ -171,17 +222,29 @@ under the License. | |
</dependencies> | ||
<dependencyManagement> | ||
<dependencies> | ||
<dependency> | ||
<groupId>io.jenkins.tools.bom</groupId> | ||
<artifactId>bom-2.249.x</artifactId> | ||
<version>17</version> | ||
<type>pom</type> | ||
<scope>import</scope> | ||
</dependency> | ||
<dependency> | ||
<groupId>org.cryptacular</groupId> | ||
<artifactId>cryptacular</artifactId> | ||
<version>1.2.4</version> | ||
</dependency> | ||
<!-- TODO: remove when CVE-2019-12400 is resolved --> | ||
<dependency> | ||
<groupId>org.apache.santuario</groupId> | ||
<artifactId>xmlsec</artifactId> | ||
<version>2.1.4</version> | ||
</dependency> | ||
<dependency> | ||
<groupId>org.pac4j</groupId> | ||
<artifactId>pac4j-saml</artifactId> | ||
<!-- versions 4.x.x require JDK 11 --> | ||
<version>3.9.0</version> | ||
</dependency> | ||
</dependencies> | ||
</dependencyManagement> | ||
<build> | ||
|
This file was deleted.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
??