KostyaSha / github-integration-plugin

Jenkins GitHub Integration Plugin
https://wiki.jenkins-ci.org/display/JENKINS/GitHub+Integration+Plugin
MIT License
98 stars 86 forks source link

Bump git from 3.6.3 to 4.11.2 in /github-pullrequest-plugin #359

Closed dependabot[bot] closed 2 years ago

dependabot[bot] commented 2 years ago

Bumps git from 3.6.3 to 4.11.2.

Release notes

Sourced from git's releases.

4.11.2

Security fix

  • SECURITY-2478 - Prevent checkout from the controller file system

4.11.1

đź“ť Documentation updates

🚦 Tests

📦 Dependency updates

4.11.0

🚀 New features and improvements

📦 Dependency updates

🚦 Tests

4.10.3

🚦 Tests

... (truncated)

Changelog

Sourced from git's changelog.

[[changelog-moved-to-github-releases]] = Changelog moved to https://github.com/jenkinsci/git-plugin/releases[GitHub Releases]

== See https://github.com/jenkinsci/git-plugin/releases[GitHub Releases] for all new changelogs (July 1, 2019)

== Version 3.10.0 (May 2, 2019)

== Version 3.9.4 (April 24, 2019)

== Version 4.0.0-rc (January 30, 2019)

== Version 3.9.3 (January 30, 2019)

... (truncated)

Commits
  • 6cfc2f8 [maven-release-plugin] prepare release git-4.11.2
  • b295606 “SECURITY-2478”
  • 7881959 [maven-release-plugin] prepare for next development iteration
  • 8d93ac3 [maven-release-plugin] prepare release git-4.11.1
  • b3e5a8f Merge pull request #1255 from basil/JENKINS-67309
  • 23b2654 Work around JENKINS-67309
  • 3f62c0d Merge pull request #1254 from jenkinsci/dependabot/maven/org.jenkins-ci.plugi...
  • 5b8a226 Bump promoted-builds from 3.9.1 to 3.10.1
  • 702bd5c Merge pull request #1250 from jenkinsci/dependabot/maven/master/com.diffplug....
  • 5e34474 Bump spotless-maven-plugin from 2.22.0 to 2.22.1
  • Additional commits viewable in compare view


Dependabot compatibility score

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.


Dependabot commands and options
You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) - `@dependabot use these labels` will set the current labels as the default for future PRs for this repo and language - `@dependabot use these reviewers` will set the current reviewers as the default for future PRs for this repo and language - `@dependabot use these assignees` will set the current assignees as the default for future PRs for this repo and language - `@dependabot use this milestone` will set the current milestone as the default for future PRs for this repo and language You can disable automated security fix PRs for this repo from the [Security Alerts page](https://github.com/KostyaSha/github-integration-plugin/network/alerts).

This change is Reviewable

dependabot[bot] commented 2 years ago

Superseded by #369.