Mark Waite
Mark is a member of the Jenkins governing board, a long-time Jenkins user and contributor, a core maintainer, and maintainer of the git plugin, the git client plugin, the platform labeler plugin, the embeddable build status plugin, and several others. He is one of the authors of the "Improve a plugin" tutorial.
Open source software has changed software development. Companies readily use open source as a key part of their software development and delivery. Open source operating systems dominate cloud computing operating systems. Open source JavaScript libraries and frameworks like Angular, Vue.js, and React are key components in web applications. Open source Java libraries and frameworks like Spring Framework, Spring Boot, Hibernate, and Grails provide effective...
The Jenkins infrastructure team has extended the reach of the ci.jenkins.io agents. We’re grateful that DigitalOcean has donated $2760 to the Jenkins project. The donation has allowed us to run jobs from ci.jenkins.io on an additional cluster hosted by DigitalOcean. Easy setup We defined a new Kubernetes cluster on DigitalOcean with the DigitalOcean Terraform provider. The infrastructure is defined as code in our DigitalOcean infrastructure...
The She Code Africa Contributhon started April 5, 2022. The She Code Africa Contributhon is a boot camp where African women are paid to work with open source organizations on selected projects with dedicated mentors. This program aims to create a more diverse, inclusive, and innovative culture within the African open source ecosystem by matching African women in technology with sponsor and...
A remote code execution vulnerability has been identified in the Spring Framework. This vulnerability is identified as CVE-2022-22965. Spring officially reacted early in an early announcement. SpringShell in Jenkins Core and Plugins The Jenkins security team has confirmed that the Spring vulnerability is not affecting Jenkins Core. There is no impact because we are using Stapler as a servlet, and neither Spring MVC nor Spring...
Special thanks from the Jenkins project to users and contributors with the New Year! Let’s take a look at some changes this year. Highlights Major events including Google Summer of Code, Hacktoberfest, She Code Africa Contributhon, and three Contributor Summits Strong support from new and continuing Sponsors Core features for configuration form modernization, upgrades to key dependencies, continuous delivery for plugins, and Java 11 as...
10 years ago, the Jenkins ruby-runtime was first released. It was an experiment to let plugins be written in ruby but still get integrated into the main Java Virtual Machine runtime with help of JRuby. A similar extension was made to allow plugins to be written in Python but still integrated into the Java Virtual Machine with Jython. Over the years though, the experiments...
A critical security vulnerability has been identified in the popular "Apache Log4j 2" library. This vulnerability is identified as CVE-2021-44228. Log4j in Jenkins The Jenkins security team has confirmed that Log4j is not used in Jenkins core. Jenkins plugins may be using Log4j. You can identify whether Log4j is included with any plugin by running the following Groovy script in the Script Console: org.apache.logging.log4j.core.lookup.JndiLookup.class.protectionDomain.codeSource If this results...
Hacktoberfest 2021 made great contributions to the Jenkins project. We thank all the Hacktoberfest contributors and the maintainers who reviewed the submitted pull requests. We received contributions in artwork, translation, documentation, security, and general purpose improvements. The contributions included software improvements, documentation updates, and video tutorials. Translations and Artwork Duchess France provided significant improvements to the French localization of Jenkins. The changes included new translations of...
Jenkins Pipeline (or simply Pipeline with a capital P) is a suite of plugins that supports implementing and integrating continuous delivery pipelines into Jenkins. This allows you to automate the process of getting software from version control through to your users and customers. Pipeline code works beautifully for its intended role of automating build, test, deploy, and administration tasks. But, as it is...