Releases: jenkinsci/aws-credentials-plugin
Releases · jenkinsci/aws-credentials-plugin
231.v08a_59f17d742
Contributors
MarkEWaite and rsandell
Assets 2
218.v1b_e9466ec5da_
👷 Changes for plugin developers
📝 Documentation updates
- Even though this plugin was initially open-sourced from CloudBees work, it shouldn't be branded as CloudBees. (#127) @Vlatombe
👻 Maintenance
- chore: use jenkins infra maven cd reusable workflow (#150) @jetersen
- Replacing JSR-305 javax.annotations with Spotbugs (#193) @aneveux
- Increase spotbugs checks and fix redundant interface declaration (#189) @aneveux
- Updating parent pom and bom (#188) @aneveux
📦 Dependency updates
- Bump jenkins-infra/interesting-category-action from 1.0.0 to 1.2.1 (#178) @dependabot
- Bump jenkins-infra/verify-ci-status-action from 1.2.0 to 1.2.2 (#176) @dependabot
- Bump git-changelist-maven-extension from 1.3 to 1.6 (#198) @dependabot
- Bump actions/checkout from 2.4.0 to 3.3.0 (#190) @dependabot
- Bump jenkins-infra/jenkins-maven-cd-action from 1.2.0 to 1.3.3 (#195) @dependabot
- Bump actions/setup-java from 2.5.0 to 3.10.0 (#196) @dependabot
Contributors
basil, Vlatombe, and 3 other contributors
Assets 2
191.vcb_f183ce58b_9
🐛 Bug fixes
- [SECURITY-2351] CVE-2022-27198 (CSRF), CVE-2022-27199 (permission check)
CloudBees AWS Credentials Plugin 189.v3551d5642995 and earlier does not perform a permission check in a method implementing form validation. Additionally, this form validation method does not require POST requests, resulting in a cross-site request forgery (CSRF) vulnerability.
189.v3551d5642995
🐛 Bug fixes
- JENKINS-67452 - Do not add blank external ids (#125) @jtnord
📦 Dependency updates
- Bump plugin from 4.28 to 4.33 (#123) @dependabot
- Bump git-changelist-maven-extension from 1.2 to 1.3 (#120) @dependabot
👻 Maintenance
Contributors
Vlatombe, jtnord, and dependabot
Assets 2
1.33
🚀 New features and improvements
- JENKINS-65105 - : Support for externalID when using role (#88) @hitesh22
📦 Dependency updates
- Bump bom-2.249.x from 950.v396cb834de1e to 961.vf0c9f6f59827 (#104) @dependabot
- Bump plugin from 4.27 to 4.28 (#106) @dependabot
Contributors
hitesh22 and dependabot
Assets 2
1.32
33b7d79
This commit was signed with the committer’s verified signature.
The key has expired.
Vlatombe
Vincent Latombe
🚀 New features and improvements
📦 Dependency updates
- Use version from bom (#102) @Vlatombe
- Replace heavyweight aws-java-sdk with fine-grained aws-java-sdk-ec2 (#93) @Vlatombe
- Bump plugin from 4.2 to 4.27 (#98) @dependabot
- Bump git-changelist-maven-extension from 1.0-beta-7 to 1.2 (#100) @dependabot
Contributors
jglick, Vlatombe, and dependabot
