Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Bump groovy from 1.9 to 2.2 #174

Merged
merged 12 commits into from
Mar 16, 2023
Merged

Bump groovy from 1.9 to 2.2 #174

merged 12 commits into from
Mar 16, 2023

Conversation

dependabot[bot]
Copy link
Contributor

@dependabot dependabot bot commented on behalf of github Dec 6, 2022

Bumps groovy from 1.9 to 2.2.

Changelog

Sourced from groovy's changelog.

Release 2.2 (2019-03-06)

Release 2.1 (2019-01-28)

Release 2.0 (2017-04-10)

  • Arbitrary code execution by unprivileged user (SECURITY-292)
  • continue with code cleanup - fixed Findbugs issues

Release 1.30 (2016-11-18)

  • XSS protection
  • code cleanup

Release 1.28, 1.29 (2016-01-05)

  • code cleanup

Release 1.27 (2015-08-05)

  • Callable roles are properly checked

Release 1.26 (2015-07-27)

Release 1.25 (2015-05-11)

  • Made default choice also for System Groovy script to avoid zero height of textarea (JENKINS-25455)
  • Add help file for Groovy version (JENKINS-12988)
  • Made setting Groovy installations thread-safe (JENKINS-28287)

Release 1.24 (2014-11-09)

  • Ensure non-zero height of Groovy command text box, making it default choice when adding new build step

... (truncated)

Commits
  • 0ace219 [maven-release-plugin] prepare release groovy-2.2
  • 40777c2 [SECURITY-1338] Prevent unsandboxed invocation of constructors
  • c536a7c [maven-release-plugin] prepare for next development iteration
  • 60dbd79 [maven-release-plugin] prepare release groovy-2.1
  • 212e048 [SECURITY-1293] Secure the script check in StringScriptSource
  • da0739d [maven-release-plugin] prepare for next development iteration
  • ad965ad [maven-release-plugin] prepare release groovy-2.0
  • fe1a3ee Address not-actually-plausible FB error
  • fcdff05 Found that FileSystemScriptSource did not work. (This scenario apparently had...
  • 3adafe1 Strengthening test to assert OldDataMonitor behavior.
  • Additional commits viewable in compare view

Dependabot compatibility score

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot merge will merge this PR after your CI passes on it
  • @dependabot squash and merge will squash and merge this PR after your CI passes on it
  • @dependabot cancel merge will cancel a previously requested merge and block automerging
  • @dependabot reopen will reopen this PR if it is closed
  • @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
  • @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
    You can disable automated security fix PRs for this repo from the Security Alerts page.

@dependabot
Bump groovy from 1.9 to 2.2
f66458b 
Bumps [groovy](https://github.com/jenkinsci/groovy-plugin) from 1.9 to 2.2.
- [Release notes](https://github.com/jenkinsci/groovy-plugin/releases)
- [Changelog](https://github.com/jenkinsci/groovy-plugin/blob/master/CHANGELOG.md)
- [Commits](jenkinsci/groovy-plugin@groovy-1.9...groovy-2.2)

---
updated-dependencies:
- dependency-name: org.jenkins-ci.plugins:groovy
  dependency-type: direct:production
...

Signed-off-by: dependabot[bot] <[email protected]>
@dependabot dependabot bot added dependencies Pull requests that update a dependency file java Pull requests that update Java code labels Dec 6, 2022
@gounthar gounthar enabled auto-merge December 7, 2022 08:40
@gounthar
Copy link
Contributor

gounthar commented Dec 7, 2022

I guess I will need some help with this one.

@guysoft
Copy link
Contributor

guysoft commented Dec 7, 2022

Its faling on:

[2022-12-07T08:56:06.084Z] [ERROR] COMPILATION ERROR : 
[2022-12-07T08:56:06.084Z] [INFO] -------------------------------------------------------------
[2022-12-07T08:56:06.084Z] [ERROR] /home/jenkins/agent/workspace/nfigurationslicing-plugin_PR-174/src/main/java/configurationslicing/tools/GroovySlicer.java:[57,19] error: cannot find symbol
[2022-12-07T08:56:06.084Z]   symbol:   variable DESCRIPTOR
[2022-12-07T08:56:06.084Z]   location: class Groovy
[2022-12-07T08:56:06.084Z] [INFO] 1 error

Its failing on this line:
https://github.com/jenkinsci/configurationslicing-plugin/blob/master/src/main/java/configurationslicing/tools/GroovySlicer.java#L57

      return Groovy.DESCRIPTOR.getInstallations();

I am not sure how to fix that.

@gounthar
Copy link
Contributor

gounthar commented Dec 8, 2022

Neither am I. As far as I understand, Groovy is from the Groovy plugin, but I have not been able to find why and when Descriptor vanished yet in the Groovy class.

gounthar
gounthar approved these changes Mar 16, 2023
View reviewed changes
Copy link
Contributor

@gounthar gounthar left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Thanks a lot for unblocking, Mark.
You found a new way of getting the list of installations that I could not find.

@gounthar gounthar merged commit 3a8a0d1 into master Mar 16, 2023
@dependabot dependabot bot deleted the dependabot/maven/org.jenkins-ci.plugins-groovy-2.2 branch March 16, 2023 15:18
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@gounthar gounthar gounthar approved these changes

Assignees
No one assigned
Labels
dependencies Pull requests that update a dependency file java Pull requests that update Java code
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
3 participants
@gounthar @guysoft @MarkEWaite