Back to blog

Jenkins August 2023 Newsletter

Damien DUPORTAL
Damien DUPORTAL
Mark Waite
Mark Waite
Bruno Verachten
Bruno Verachten
Wadeck Follonier
Wadeck Follonier
Kevin Martens
Kevin Martens
Alyssa Tong
Alyssa Tong
September 21, 2023

Jenkins July Newsletter

Key Takeaways

  • Jenkins project reports growth of 79% in Jenkins Pipeline, used to propel software delivery.

Security Update

Contributed by: Wadeck Follonier

  • Andrea Chiera completed his 3 months internship within the Security team, auditing 100 plugins and finding 20+ vulnerabilities.

  • A Plugin security advisory was published on August 16

  • The Security team is progressing on the CSP compliance project for Jenkins Core, encountering interesting corner cases that have to be covered.

Governance Update

Contributed by: Mark Waite

Voter registration and candidate nomination for Jenkins elections will begin in September. The blog post contains more details.

The ten year old Prototype.js JavaScript library will be removed from Jenkins core beginning with the weekly release October 3, 2023. Special thanks to Basil Crow and Tim Jacomb for their work preparing Jenkins core and Jenkins plugins for a successful removal of that outdated library.

Infrastructure Update

Contributed by: Damien Duportal

  • JDK21 (Early Access Temurin Edition) and Maven 3.9.4 are generally available for developers on ci.jenkins.io.

  • JDK17 is the default for all Jenkins controllers and agents on the Jenkins public infrastructure.

  • Migration of the last two VMs to a new IPv6-enabled network removed a monthly cost of $1000 for unused cloud resources.

User Experience Update

Contributed by: Mark Waite

The Jenkins user experience continues to improve. Jenkins 2.414.1 include significant updates to many UI elements, including form and page modernization.

  • Dropdown links have been improved and are now part of a common framework

  • Log recorder administration has been updated to be consistent with other pages

  • Sign-in page has been modernized and simplified

  • Many delete dialogs have been standardized and prepared for future improvements

  • Builds widget has a better layout

Platform Modernization Update

Contributed by: Bruno Verachten

  • There has been an issue with Docker Images republishing unexpectedly, causing old tags to be rebuilt. This is now solved.

  • JDK21:

    • Work is ongoing to keep JDK21 updated to an early access version in Jenkins’ infrastructure.

    • Jenkins can run on JDK21 since version 2.419.

    • A proposal from Mark Waite regarding Java 11, Java 17, and Java 21 adoption roadmap in Jenkins is being considered.

  • Docker agents and controller:

    • Ssh-agent: breaking change in 5.10.0 with the replacement of bullseye in favor of bookworm.

    • Controller:

    • Windows:

      • Windows agent images are now using a Windows server image, which is a breaking change.

      • Windows 2022 images are being considered due to Windows 2019 reaching end-of-life.

      • Instructions for Java 17 are still to be updated in the Windows docs.

Documentation Update

Contributed by: Kevin Martens

Over the course of August, there were seven blog posts published by a combination of 12 different authors. This included updates from the Google Summer of Code participants, a retrospective on a Jenkins security internship, considering what the future holds for Jenkins, and notices regarding bandwidth reduction, Linux containers, and Java 17 use in the Jenkins documentation.

About the authors

Damien DUPORTAL

Damien DUPORTAL

Damien is the Jenkins Infrastructure officer and a software engineer at CloudBees working as a Site Reliability Engineer for the Jenkins Infrastructure project. Not only he is a decade-old Hudson/Jenkins user but also an open-source citizen who participates in Updatecli, Asciidoctor, Traefik and many others.

Mark Waite

Mark Waite

Mark is a member of the Jenkins governing board, a long-time Jenkins user and contributor, a core maintainer, and maintainer of the git plugin, the git client plugin, the platform labeler plugin, the embeddable build status plugin, and several others. He is one of the authors of the "Improve a plugin" tutorial.

Bruno Verachten

Bruno Verachten

Bruno is a father of two, husband of one, geek in denial, beekeeper, permie and a Developer Relations for the Jenkins project. He’s been tinkering with continuous integration and continuous deployment since 2013, with various products/tools/platforms (Gitlab CI, Circle CI, Travis CI, Shippable, Github Actions, …​), mostly for mobile and embedded development.
He’s passionate about embedded platforms, the ARM&RISC-V ecosystems, and Edge Computing. His main goal is to add FOSS projects and platforms to the ARM&RISC-V architectures, so that they become as boring as X86_64.
He is also the creator of miniJen, the smallest multi-cpu architectures Jenkins instance known to mankind.

Wadeck Follonier

Wadeck Follonier

Wadeck is the Jenkins security officer, leading the security team in improving Jenkins security. He likes to provide solutions that are both useful and easy to use.

Kevin Martens

Kevin Martens

Kevin Martens is part of the CloudBees Documentation team, helping with Jenkins documentation creation and maintenance.

Alyssa Tong

Alyssa Tong

Member of the Jenkins Advocacy and Outreach SIG. Alyssa drives and manages Jenkins participation in community events and conferences like FOSDEM, SCaLE, cdCON, and KubeCon. She is also responsible for Marketing & Community Programs at CloudBees, Inc.