[jenkinsci/snyk-security-scanner-plugin] 8c26ae: chore: update pom dependency, base image to jenkin...

Mon, 26 Feb 2024 23:33:49 -0800 

  Branch: refs/heads/master
  Home:   https://github.com/jenkinsci/snyk-security-scanner-plugin
  Commit: 8c26ae962b0b79f51f376a40f5838ffb85be3620
      
https://github.com/jenkinsci/snyk-security-scanner-plugin/commit/8c26ae962b0b79f51f376a40f5838ffb85be3620
  Author: Casey Marshall <[email protected]>
  Date:   2024-02-23 (Fri, 23 Feb 2024)

  Changed paths:
    M .github/Dockerfile
    M .github/run.sh
    M pom.xml

  Log Message:
  -----------
  chore: update pom dependency, base image to jenkins 2.442

Mitigate critical severity vuln
https://app.snyk.io/vuln/SNYK-JAVA-ORGJENKINSCIMAIN-6190606
by updating the pom dependency and base image to Jenkins 2.442.

In this new base image, system-wide pip installs aren't allowed so the Debian
packages are updated to satisfy the virtualenv requirement.

Installing Debian packages with --no-install-recommends because the default was
pulling in x11 and a bunch of extra junk a Jenkins server shouldn't need.

Drive-by: fix docker command-line flag in run script, noticed this when testing
the image locally.


  Commit: 9bb0d010e79c4d932e23c6ebd61a121267a0d20a
      
https://github.com/jenkinsci/snyk-security-scanner-plugin/commit/9bb0d010e79c4d932e23c6ebd61a121267a0d20a
  Author: PeterSchafer <[email protected]>
  Date:   2024-02-27 (Tue, 27 Feb 2024)

  Changed paths:
    M .github/Dockerfile
    M .github/run.sh
    M pom.xml

  Log Message:
  -----------
  Merge pull request #145 from cmars/chore/update-base-image-2_442

chore: update pom dependency and base image to jenkins 2.442


Compare: 
https://github.com/jenkinsci/snyk-security-scanner-plugin/compare/e6802c00ff58...9bb0d010e79c

To unsubscribe from these emails, change your notification settings at 
https://github.com/jenkinsci/snyk-security-scanner-plugin/settings/notifications

-- 
You received this message because you are subscribed to the Google Groups 
"Jenkins Commits" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to [email protected].
To view this discussion on the web visit 
https://groups.google.com/d/msgid/jenkinsci-commits/jenkinsci/snyk-security-scanner-plugin/push/refs/heads/master/e6802c-9bb0d0%40github.com.

Reply via email to