Jenkins October 2022 Newsletter
October 2022
Welcome to the Jenkins Newsletter! This is a compilation of progress within the project, highlighted by Jenkins Special Interest Groups (SIGs) for the month of October.
View previous editions of the Jenkins Newsletter here!
Happy reading!
Security Update
-
One security advisory during October about plugins
-
28 impacted plugins
-
8 without fixes, as explained in our process
-
4 plugins were suspended from distribution
-
Due to the corrections applied for SECURITY-2824 in the Groovy sandbox, we strongly recommend you to update as soon as possible.
-
-
We got several questions / reports related to Text4Shell (CVE-2022-42889)
-
The Security team did an investigation and nothing in the Jenkins ecosystem is affected.
-
Due to the communication from Apache about why it’s not a vulnerability like Log4Shell, we do not plan to publish a blog post about our analysis.
-
Infrastructure Update
-
Hacktoberfest support: ~15% more builds for a cost decrease of $2.000!
-
Fall cleanup of accounts.jenkins.io and wiki.jenkins.io (Unified designs, dependencies updates, bug fixes)
-
Upgrade of our controllers to the new LTS 2.361.2
-
Upgrade of Kubernetes to 1.23.x for the 6 clusters (Amazon, Digital Ocean and Azure)
-
Request for volunteers to host download mirrors in India
-
Security Advisories support (Jenkins Infrastructure is the first user!)
Platform Update
-
Very last JDK8 docker images have been released
-
Preparation of the three agents repos merging while solving a bug.
-
Loss of the ppc64le loaner machine from IBM, some reference cleaning to do.
-
JDK17 aarch64 docker image bug discovered and solved.
-
First RISC-V machine received, tests should happen in the coming months
-
JVM stats for October: Java 8 fell from 153,205 to 139,827; Java 11 rose from 137,332 to 141,387; and Java 17 rose from 11,173 to 14,420. There are now more users on Java 11 than Java 8.
User Experience Update
The accounts.jenkins.io page has been significantly updated thanks to the work of Tim Jacomb, Alex Brandes, and Gavin Mogan.
At a high level, Tim and Alex made major dependency updates. Tim was also able to update the UI to be more modern and synchronize with the jenkins.io interface. Gavin was able to create and add the page header & footer, so that page transitions are seamless. This work to keep Jenkins aligned and up to date is greatly appreciated, and necessary to keep it modern.
The old Jenkins wiki site has also received a face lift, as it has been updated with the stylesheets used for the accounts page update. Despite the wiki being deprecated, finding and reading information on the site is much easier. This is yet another way to make the page transitions more seamless throughout Jenkins.
Documentation Update
The annual Jenkins board members and officers election is here! Thanks Kevin Martens for thoroughly laying out the voter registration and nomination process. Nominate yourself or someone you know. But hurry because nominations end on November 10, 2022.
Can’t think of anyone to nominate? We’d gladly take your vote! Voter registration is open now until November 17. The voting period will begin on November 17 - December 2, 2022. The election process page in Jenkins has been updated accordingly.
Advocacy & Outreach Update
Google Summer of Code 2022 Ended
Congratulations to all GSoC contributors! Thank you for your contributions!
Jenkins GSoC 2022 ended in October with the successful completion of all 4 projects. Below are the final reporting from each projects:
Demos were represented during the Jenkins Online Meetup. The recording can be found here.
This program isn’t possible without the dedication of all the mentors. Hats off to all Jenkins GSoC mentors!
Hacktoberfest
Participation in the 2022 edition of this worldwide event was strong. 117 seasoned but also first-time contributors submitted 613 eligible PRs. From these, 531 PRs are "Hacktoberfest complete" (merged or flagged as hacktoberfest-approved). They were submitted by 95 contributors (among them 42 qualify for the swag just with Jenkins contribution).
Congratulations and many thanks to those who contributed but also to those who advised/guided/reviewed/coached these contributors.