Skip to content

Bump git from 4.1.0 to 4.2.2#207

Merged
dependabot-preview[bot] merged 1 commit intomasterfrom
dependabot/maven/org.jenkins-ci.plugins-git-4.2.2
Jun 19, 2020
Merged

Bump git from 4.1.0 to 4.2.2#207
dependabot-preview[bot] merged 1 commit intomasterfrom
dependabot/maven/org.jenkins-ci.plugins-git-4.2.2

Conversation

@dependabot-preview
Copy link
Contributor

@dependabot-preview dependabot-preview bot commented Mar 11, 2020
edited by jetersen
Loading

Bumps git from 4.1.0 to 4.2.2.

Release notes

Sourced from git's releases.

Git Plugin 4.2.2

📝 Documentation updates

📦 Dependency updates

🚦 Tests

Git Plugin 4.2.1

⚡️ Security Fix

  • Prevent stored cross-site scripting vulnerability in Team Foundation Server error message - SECURITY-1723

Git Plugin 4.2.0

🚀 New features and improvements

🐛 Bug Fixes

📦 Dependency updates

📝 Documentation updates

🚦 Tests

Git Plugin 4.1.1

📝 Documentation updates

... (truncated)
Commits
  • 580f578 [maven-release-plugin] prepare release git-4.2.2
  • a1c761b Merge pull request #851 from rishabhBudhouliya/UserIdentityTest
  • f46eebf Merge pull request #852 from rishabhBudhouliya/WipeWorkspaceTest
  • 5b1b9cd Merge remote-tracking branch 'upstream/v4.2.x'
  • 1ab4aa7 Bump xmlunit-matchers from 2.6.3 to 2.6.4
  • 0c41d45 A small change in before() method to run equalsContract() test
  • 5f4f05b Removed duplicate code and added @WithoutJenkins
  • 4cfc649 Removed duplicate set extension in SCM line and added @WithoutJenkins for equ...
  • 8d8cc36 Addition of unit test for WipeWorkspace and force clone extension behavior in...
  • 0a675bc Update UserIdentityTest: Removed unnecessary imports
  • Additional commits viewable in compare view

Dependabot compatibility score

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot merge will merge this PR after your CI passes on it
  • @dependabot squash and merge will squash and merge this PR after your CI passes on it
  • @dependabot cancel merge will cancel a previously requested merge and block automerging
  • @dependabot reopen will reopen this PR if it is closed
  • @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
  • @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
  • @dependabot badge me will comment on this PR with code to add a "Dependabot enabled" badge to your readme

Additionally, you can set the following in the .dependabot/config.yml file in this repo:

  • Update frequency
  • Automerge options (never/patch/minor, and dev/runtime dependencies)
  • Out-of-range updates (receive only lockfile updates, if desired)
  • Security updates (receive only security updates, if desired)

@dependabot-preview dependabot-preview bot added the dependencies Pull requests that update a dependency file label Mar 11, 2020
@dependabot-preview dependabot-preview bot requested a review from jglick March 11, 2020 06:01
@dependabot-preview dependabot-preview bot mentioned this pull request Mar 11, 2020
Closed
@dependabot-preview dependabot-preview bot force-pushed the dependabot/maven/org.jenkins-ci.plugins-git-4.2.2 branch from a6db016 to f604c51 Compare April 8, 2020 08:52
@jglick
Copy link
Member

jglick commented Apr 8, 2020

check after #208

@timja
Copy link
Member

timja commented Apr 9, 2020

jenkinsci/git-plugin#841

[2020-04-08T09:00:33.747Z] Require upper bound dependencies error for commons-beanutils:commons-beanutils:1.8.3 paths to dependency are:

[2020-04-08T09:00:33.747Z] +-io.jenkins.tools.bom:sample:7-rc308.f604c5110698

[2020-04-08T09:00:33.747Z]   +-org.jenkins-ci.main:jenkins-core:2.164.3

[2020-04-08T09:00:33.747Z]     +-commons-beanutils:commons-beanutils:1.8.3

[2020-04-08T09:00:33.747Z] and

[2020-04-08T09:00:33.747Z] +-io.jenkins.tools.bom:sample:7-rc308.f604c5110698

[2020-04-08T09:00:33.747Z]   +-org.jenkins-ci.plugins:git:4.2.2

[2020-04-08T09:00:33.747Z]     +-commons-validator:commons-validator:1.6

[2020-04-08T09:00:33.747Z]       +-commons-beanutils:commons-beanutils:1.9.2

[2020-04-08T09:00:33.747Z] and

[2020-04-08T09:00:33.747Z] +-io.jenkins.tools.bom:sample:7-rc308.f604c5110698

[2020-04-08T09:00:33.747Z]   +-org.jenkins-ci.main:jenkins-core:2.164.3

[2020-04-08T09:00:33.747Z]     +-org.kohsuke.stapler:json-lib:2.4-jenkins-2

[2020-04-08T09:00:33.747Z]       +-commons-beanutils:commons-beanutils:1.8.0

[2020-04-08T09:00:33.747Z] and

[2020-04-08T09:00:33.747Z] +-io.jenkins.tools.bom:sample:7-rc308.f604c5110698

[2020-04-08T09:00:33.747Z]   +-org.jenkins-ci.main:jenkins-core:2.164.3

[2020-04-08T09:00:33.747Z]     +-commons-digester:commons-digester:2.1

[2020-04-08T09:00:33.747Z]       +-commons-beanutils:commons-beanutils:1.8.3

[2020-04-08T09:00:33.747Z] and

[2020-04-08T09:00:33.747Z] +-io.jenkins.tools.bom:sample:7-rc308.f604c5110698

[2020-04-08T09:00:33.747Z]   +-org.jenkins-ci.main:jenkins-core:2.164.3

[2020-04-08T09:00:33.747Z]     +-commons-jelly:commons-jelly-tags-xml:1.1

[2020-04-08T09:00:33.747Z]       +-commons-beanutils:commons-beanutils:1.6

[2020-04-08T09:00:33.747Z] and

[2020-04-08T09:00:33.747Z] +-io.jenkins.tools.bom:sample:7-rc308.f604c5110698

[2020-04-08T09:00:33.747Z]   +-org.jenkins-ci.main:jenkins-core:2.164.3

[2020-04-08T09:00:33.747Z]     +-org.kohsuke.stapler:stapler-jrebel:1.256

[2020-04-08T09:00:33.747Z]       +-org.kohsuke.stapler:stapler:1.256

[2020-04-08T09:00:33.747Z]         +-commons-beanutils:commons-beanutils:1.8.3

[2020-04-08T09:00:33.747Z] and

[2020-04-08T09:00:33.747Z] +-io.jenkins.tools.bom:sample:7-rc308.f604c5110698

[2020-04-08T09:00:33.747Z]   +-org.jenkins-ci.main:jenkins-core:2.164.3

[2020-04-08T09:00:33.747Z]     +-org.kohsuke.stapler:stapler-groovy:1.256

[2020-04-08T09:00:33.747Z]       +-org.kohsuke.stapler:stapler-jelly:1.256

[2020-04-08T09:00:33.747Z]         +-org.jenkins-ci:commons-jelly:1.1-jenkins-20120928

[2020-04-08T09:00:33.747Z]           +-commons-beanutils:commons-beanutils:1.7.0

@timja
Copy link
Member

timja commented Apr 9, 2020

Fixed in jenkinsci/git-plugin#862 unreleased

timja
timja requested changes Apr 9, 2020
View reviewed changes
Copy link
Member

@timja timja left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

needs a release of the git plugin and a newer lts baseline added to bom

@jglick
Copy link
Member

jglick commented Apr 9, 2020

(#214)

@dependabot-preview dependabot-preview bot force-pushed the dependabot/maven/org.jenkins-ci.plugins-git-4.2.2 branch from f604c51 to 020bd9d Compare April 14, 2020 01:43
jglick
jglick requested changes Apr 15, 2020
View reviewed changes
Copy link
Member

@jglick jglick left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

still broken

@dependabot-preview dependabot-preview bot force-pushed the dependabot/maven/org.jenkins-ci.plugins-git-4.2.2 branch from 020bd9d to c474b21 Compare June 5, 2020 17:10
@jetersen
Copy link
Member

jetersen commented Jun 19, 2020

@dependabot rebase

@dependabot-preview
Bump git from 4.0.0 to 4.2.2
37156cc 
Bumps [git](https://github.com/jenkinsci/git-plugin) from 4.0.0 to 4.2.2.
- [Release notes](https://github.com/jenkinsci/git-plugin/releases)
- [Changelog](https://github.com/jenkinsci/git-plugin/blob/master/CHANGELOG.adoc)
- [Commits](jenkinsci/git-plugin@git-4.0.0...git-4.2.2)

Signed-off-by: dependabot-preview[bot] <support@dependabot.com>
@dependabot-preview dependabot-preview bot force-pushed the dependabot/maven/org.jenkins-ci.plugins-git-4.2.2 branch from c474b21 to 37156cc Compare June 19, 2020 06:46
@jetersen jetersen changed the title Bump git from 4.0.0 to 4.2.2 Bump git from 4.1.0 to 4.2.2 Jun 19, 2020
timja
timja approved these changes Jun 19, 2020
View reviewed changes
Copy link
Member

@timja timja left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

@dependabot merge

@dependabot-preview dependabot-preview bot merged commit b93e1bb into master Jun 19, 2020
@dependabot-preview dependabot-preview bot deleted the dependabot/maven/org.jenkins-ci.plugins-git-4.2.2 branch June 19, 2020 12:30
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@jglick jglick jglick requested changes

@jetersen jetersen jetersen approved these changes

@timja timja timja approved these changes

Assignees

No one assigned

Labels

dependencies Pull requests that update a dependency file

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

3 participants

@jglick @timja @jetersen