Page 9

• First results from using GitHub CodeQL to discover security vulnerabilities in Jenkins plugins

  A little over a month ago, GitHub announced the general availability of its code scanning solution. It’s based on CodeQL, which makes it pretty easy to write queries for it and run them using the CodeQL GitHub action, CodeQL command line tools, or on lgtm.com. Many of the security vulnerabilities discovered in Jenkins plugins are fairly similar to each other, and unfortunately...

  Daniel Beck November 4, 2020
• 

  Jenkins Windows Services: YAML Configuration Support - GSoC Project Results

  Hello, world! GSoC 2020 Phase 3 has ended now and it was a great period for the Jenkins Windows Services - YAML Configuration Support project. In this blog post, I will announce the updates during the GSoC 2020 - Phase 2 and Phase 3. If you are not already aware of this project, I would recommend reading this blog post which was...

  Buddhika Chathuranga August 27, 2020
• 

  Windows Service Wrapper : YAML Configuration Support - GSoC Phase - 01 Updates

  Hello all, I am Buddhika Chathuranga from Sri Lanka and I am a final year undergraduate at the Faculty of IT, University of Moratuwa. I am participating in GSoC 2020 with Jenkins. I am working on the Windows Service Wrapper Project. So the Coding Phase 01 of GSoC 2020 is now over and this blog post describes what I have done so...

  Buddhika Chathuranga July 8, 2020
• 

  Introducing the Azure Key Vault Credentials Provider for Jenkins

  Azure Key Vault is a product for securely managing keys, secrets and certificates. I’m happy to announce two new features in the Azure Key Vault plugin: a credential provider to tightly link Jenkins and Azure Key Vault. huge thanks to Jie Shen for contributing this integration with the configuration-as-code plugin. These changes were released in v1.8 but make sure to run the latest version of...

  

  Tim Jacomb March 30, 2020
• Findsecbugs for Developers

  Spotbugs is a utility used in Jenkins and many other Java projects to detect common Java coding mistakes and bugs. It is integrated into the build process to improve the code before it gets merged and released. Findsecbugs is a plugin for Spotbugs that adds 135 vulnerability types focused on the OWASP TOP 10 and the Common Weakness Enumeration (CWE)....

  

  Jeff Thompson March 2, 2020
• 

  Google Summer of Code 2019 Report

  Google Summer of Code is much more than a summer internship program, it is a year-round effort for the organization and some community members. Now, after the DevOps World | Jenkins World conference in Lisbon and final retrospective meetings, we can say that GSoC 2019 is officially over. We would like to start by thanking all participants: students, mentors, subject matter experts...

  

  Martin d'Anjou

  

  Jeff Pearce

  

  Oleg Nenashev

  

  Marky Jackson January 29, 2020
• 

  Jenkins Health Advisor by CloudBees is here!

  Managing any software presents its own unique challenges. Jenkins controllers are no exception. For example, How do you keep a finger on the pulse of everything going on in your Jenkins environment? Are you looking at every new defect opened in the issue tracker? How do you make sure that your controllers or agents don’t silently fail? Are you monitoring its logs?...

  

  Arnaud Héritier November 22, 2019
• Google Summer of Code Mentor and Org Admin Perspective

  I was fortunate enough to participate in the Google Summer of Code 2019 as a mentor and org admin. This was great and I wanted to share in hopes of encouraging more people to join. You can learn more about the Google Summer of Code here Community Bonding The first phase of the project is the community bonding phase. This is where the student...

  

  Marky Jackson October 8, 2019
• 

  Becoming a Jenkins contributor: Newbie-friendly tickets

  Two months ago I published an introductory article on the journey of becoming a Jenkins contributor. In that first article, the jenkins.io site was reviewed, learning about the multiple ways in which we can participate and contribute. Then, a first—​basic—​contribution I made to the site repository was described. Now, in this new article we will be exploring more advanced contributions, committing code to the...

  

  Romén Rodríguez-Gil May 30, 2019