Closed renovate[bot] closed 2 weeks ago
bburky
commented
4 weeks ago The oic-auth plugin is affected by two high severity vulnerabilities: CVE-2024-47806 and CVE-2024-47807 https://www.jenkins.io/security/advisory/2024-10-02/
Update to 4.355.v3a_fb_fca_b_96d4 or later to resolve (Renovate is suggesting 4.411.v990b_9d36e74e which is good)
renovate[bot]
commented
2 weeks ago Renovate will not automatically rebase this PR, because it does not recognize the last commit author and assumes somebody else may have edited the PR.
You can manually request rebase by checking the rebase/retry box above.
⚠️ Warning: custom changes will be lost.
This PR contains the following updates:
203.v3f46a_7462b_1a_->205.v47f4ee8803d11850.va_a_8c31d3158b_->1873.vea_5814ca_9c934287.v73451380b_576->4295.v7fa_01b_309c954.340.ve70636c6590e->4.418.vccc7061f5b_6d784.vea_eca_f6592eb_->787.v52e8f47488fc4.487.v9f1c3328f1c0->4.501.v4313a_01e3a_18Release Notes
jenkinsci/cloudbees-disk-usage-simple-plugin (jenkinsci/cloudbees-disk-usage-simple-plugin)
### [`v205.v47f4ee8803d1`](https://redirect.github.com/jenkinsci/cloudbees-disk-usage-simple-plugin/releases/tag/205.v47f4ee8803d1) [Compare Source](https://redirect.github.com/jenkinsci/cloudbees-disk-usage-simple-plugin/compare/203.v3f46a_7462b_1a_...205.v47f4ee8803d1) #### 🚀 New features and improvements - style: Use monospace font to render Disk Usage and Amount ([#102](https://redirect.github.com/jenkinsci/cloudbees-disk-usage-simple-plugin/issues/102)) [@rahulsom](https://redirect.github.com/rahulsom)jenkinsci/configuration-as-code-plugin (jenkinsci/configuration-as-code-plugin)
### [`v1873.vea_5814ca_9c93`](https://redirect.github.com/jenkinsci/configuration-as-code-plugin/releases/tag/1873.vea_5814ca_9c93) [Compare Source](https://redirect.github.com/jenkinsci/configuration-as-code-plugin/compare/1850.va_a_8c31d3158b_...1873.vea_5814ca_9c93) #### 👷 Changes for plugin developers - Removing tests of `Jenkins.agentProtocols` ([#2580](https://redirect.github.com/jenkinsci/configuration-as-code-plugin/issues/2580)) [@jglick](https://redirect.github.com/jglick) #### 📝 Documentation updates - Add doc for exporting config from a groovy script ([#2564](https://redirect.github.com/jenkinsci/configuration-as-code-plugin/issues/2564)) [@its-dave](https://redirect.github.com/its-dave) #### 📦 Dependency updates20 changes
- Update dependency org.apache.maven.plugins:maven-checkstyle-plugin to v3.6.0 ([#2582](https://redirect.github.com/jenkinsci/configuration-as-code-plugin/issues/2582)) [@renovate](https://redirect.github.com/renovate) - Update dependency com.puppycrawl.tools:checkstyle to v10.19.0 ([#2581](https://redirect.github.com/jenkinsci/configuration-as-code-plugin/issues/2581)) [@renovate](https://redirect.github.com/renovate) - Update dependency io.jenkins.docker:docker-plugin to v1.7.0 ([#2578](https://redirect.github.com/jenkinsci/configuration-as-code-plugin/issues/2578)) [@renovate](https://redirect.github.com/renovate) - Update dependency io.jenkins.plugins:artifact-manager-s3 to v878 ([#2579](https://redirect.github.com/jenkinsci/configuration-as-code-plugin/issues/2579)) [@renovate](https://redirect.github.com/renovate) - Update dependency org.jenkins-ci.plugins:ec2 to v1715 ([#2575](https://redirect.github.com/jenkinsci/configuration-as-code-plugin/issues/2575)) [@renovate](https://redirect.github.com/renovate) - Update dependency io.vavr:vavr to v0.10.5 ([#2573](https://redirect.github.com/jenkinsci/configuration-as-code-plugin/issues/2573)) [@renovate](https://redirect.github.com/renovate) - Update plugin-bom.version to v3435 (major) ([#2568](https://redirect.github.com/jenkinsci/configuration-as-code-plugin/issues/2568)) [@renovate](https://redirect.github.com/renovate) - Update dependency org.jenkins-ci.plugins:msbuild to v1.35 ([#2570](https://redirect.github.com/jenkinsci/configuration-as-code-plugin/issues/2570)) [@renovate](https://redirect.github.com/renovate) - Bump jenkins.version from 2.462.2 to 2.462.3 ([#2569](https://redirect.github.com/jenkinsci/configuration-as-code-plugin/issues/2569)) [@github-actions](https://redirect.github.com/github-actions) - Update dependency org.jenkins-ci.plugins:plugin to v4.88 ([#2567](https://redirect.github.com/jenkinsci/configuration-as-code-plugin/issues/2567)) [@renovate](https://redirect.github.com/renovate) - Update dependency com.puppycrawl.tools:checkstyle to v10.18.2 ([#2566](https://redirect.github.com/jenkinsci/configuration-as-code-plugin/issues/2566)) [@renovate](https://redirect.github.com/renovate) - Update plugin-bom.version to v3387 (major) ([#2565](https://redirect.github.com/jenkinsci/configuration-as-code-plugin/issues/2565)) [@renovate](https://redirect.github.com/renovate) - Update plugin-bom.version to v3358 (major) ([#2562](https://redirect.github.com/jenkinsci/configuration-as-code-plugin/issues/2562)) [@renovate](https://redirect.github.com/renovate) - Update dependency org.jenkins-ci.plugins:job-dsl to v1.89 ([#2561](https://redirect.github.com/jenkinsci/configuration-as-code-plugin/issues/2561)) [@renovate](https://redirect.github.com/renovate) - Update dependency org.jenkins-ci.plugins:simple-theme-plugin to v196 ([#2559](https://redirect.github.com/jenkinsci/configuration-as-code-plugin/issues/2559)) [@renovate](https://redirect.github.com/renovate) - Update plugin-bom.version to v3334 (major) ([#2560](https://redirect.github.com/jenkinsci/configuration-as-code-plugin/issues/2560)) [@renovate](https://redirect.github.com/renovate) - Update dependency org.jenkins-ci.plugins:plugin to v4.87 ([#2558](https://redirect.github.com/jenkinsci/configuration-as-code-plugin/issues/2558)) [@renovate](https://redirect.github.com/renovate) - Bump jenkins.version from 2.462.1 to 2.462.2 ([#2556](https://redirect.github.com/jenkinsci/configuration-as-code-plugin/issues/2556)) [@github-actions](https://redirect.github.com/github-actions) - Update dependency org.jenkins-ci.plugins:job-dsl to v1.88 ([#2555](https://redirect.github.com/jenkinsci/configuration-as-code-plugin/issues/2555)) [@renovate](https://redirect.github.com/renovate) - Update dependency com.puppycrawl.tools:checkstyle to v10.18.1 ([#2554](https://redirect.github.com/jenkinsci/configuration-as-code-plugin/issues/2554)) [@renovate](https://redirect.github.com/renovate)jenkinsci/kubernetes-plugin (jenkinsci/kubernetes-plugin)
### [`v4295.v7fa_01b_309c95`](https://redirect.github.com/jenkinsci/kubernetes-plugin/releases/tag/4295.v7fa_01b_309c95) [Compare Source](https://redirect.github.com/jenkinsci/kubernetes-plugin/compare/4292.v11898cf8fa_66...4295.v7fa_01b_309c95) #### 🚀 New features and improvements - Copy the whole `/usr/share/jenkins` path recursively to account for extra files ([#1614](https://redirect.github.com/jenkinsci/kubernetes-plugin/issues/1614)) [@Vlatombe](https://redirect.github.com/Vlatombe) #### 🐛 Bug fixes - Use configured registry for jenkins-agent when running in agent-injection mode ([#1613](https://redirect.github.com/jenkinsci/kubernetes-plugin/issues/1613)) [@iandrewt](https://redirect.github.com/iandrewt) #### 📝 Documentation updates - Update source code url for docker-inbound-agent ([#1610](https://redirect.github.com/jenkinsci/kubernetes-plugin/issues/1610)) [@liangxia](https://redirect.github.com/liangxia) ### [`v4292.v11898cf8fa_66`](https://redirect.github.com/jenkinsci/kubernetes-plugin/releases/tag/4292.v11898cf8fa_66) [Compare Source](https://redirect.github.com/jenkinsci/kubernetes-plugin/compare/4290.v93ea_4b_b_26a_61...4292.v11898cf8fa_66) #### 🚀 New features and improvements - Use current context for validation functions ([#1608](https://redirect.github.com/jenkinsci/kubernetes-plugin/issues/1608)) [@Dohbedoh](https://redirect.github.com/Dohbedoh) #### 📦 Dependency updates - Bump org.jenkins-ci.plugins:plugin from 4.87 to 4.88 ([#1607](https://redirect.github.com/jenkinsci/kubernetes-plugin/issues/1607)) [@dependabot](https://redirect.github.com/dependabot) ### [`v4290.v93ea_4b_b_26a_61`](https://redirect.github.com/jenkinsci/kubernetes-plugin/releases/tag/4290.v93ea_4b_b_26a_61) [Compare Source](https://redirect.github.com/jenkinsci/kubernetes-plugin/compare/4288.v1719f9d0c854...4290.v93ea_4b_b_26a_61) #### 🚀 New features and improvements - [JENKINS-73789](https://issues.jenkins.io/browse/JENKINS-73789) - empty certificate is valid now ([#1605](https://redirect.github.com/jenkinsci/kubernetes-plugin/issues/1605)) [@PereBueno](https://redirect.github.com/PereBueno) #### 📝 Documentation updates - Update README with agent injection in mind ([#1606](https://redirect.github.com/jenkinsci/kubernetes-plugin/issues/1606)) [@Vlatombe](https://redirect.github.com/Vlatombe) ### [`v4288.v1719f9d0c854`](https://redirect.github.com/jenkinsci/kubernetes-plugin/releases/tag/4288.v1719f9d0c854) [Compare Source](https://redirect.github.com/jenkinsci/kubernetes-plugin/compare/4287.v73451380b_576...4288.v1719f9d0c854) #### 🐛 Bug fixes - [JENKINS-73788](https://issues.jenkins.io/browse/JENKINS-73788) - Reduce metrics bloat relating to provisioning requests ([#1604](https://redirect.github.com/jenkinsci/kubernetes-plugin/issues/1604)) [@PayBas](https://redirect.github.com/PayBas)jenkinsci/oic-auth-plugin (jenkinsci/oic-auth-plugin)
### [`v4.418.vccc7061f5b_6d`](https://redirect.github.com/jenkinsci/oic-auth-plugin/releases/tag/4.418.vccc7061f5b_6d) [Compare Source](https://redirect.github.com/jenkinsci/oic-auth-plugin/compare/4.411.v990b_9d36e74e...4.418.vccc7061f5b_6d) #### 🚀 New features and improvements - Use a FIPS compliant version of nimbus-jose-jwt ([#440](https://redirect.github.com/jenkinsci/oic-auth-plugin/issues/440)) [@fcojfernandez](https://redirect.github.com/fcojfernandez) #### 🐛 Bug fixes - Resuse the original user principal to avoid crumb issues. ([#426](https://redirect.github.com/jenkinsci/oic-auth-plugin/issues/426)) [@jtnord](https://redirect.github.com/jtnord) #### 📝 Documentation updates - fix plugin documentation of plugin configuration for `endSessionEndpoint` ([#439](https://redirect.github.com/jenkinsci/oic-auth-plugin/issues/439)) [@sstoffregen](https://redirect.github.com/sstoffregen) ### [`v4.411.v990b_9d36e74e`](https://redirect.github.com/jenkinsci/oic-auth-plugin/releases/tag/4.411.v990b_9d36e74e) [Compare Source](https://redirect.github.com/jenkinsci/oic-auth-plugin/compare/4.409.ve864b_f48b_0f3...4.411.v990b_9d36e74e) #### 🐛 Bug fixes - Filter missing non-compliant algorithms in FIPS mode ([#435](https://redirect.github.com/jenkinsci/oic-auth-plugin/issues/435)) [@fcojfernandez](https://redirect.github.com/fcojfernandez) ### [`v4.409.ve864b_f48b_0f3`](https://redirect.github.com/jenkinsci/oic-auth-plugin/releases/tag/4.409.ve864b_f48b_0f3) [Compare Source](https://redirect.github.com/jenkinsci/oic-auth-plugin/compare/4.388.v4f73328eb_d2c...4.409.ve864b_f48b_0f3) #### 🚀 New features and improvements - [JENKINS-73904](https://issues.jenkins.io/browse/JENKINS-73904) - Enable FIPS restrictions in the JWK signing algorithm for Token verification ([#428](https://redirect.github.com/jenkinsci/oic-auth-plugin/issues/428)) [@fcojfernandez](https://redirect.github.com/fcojfernandez) #### 🐛 Bug fixes - [JEP-237](https://redirect.github.com/jenkinsci/jep/tree/master/jep/237) - disable escapeHatch when Jenkins is in FIPS mode ([#418](https://redirect.github.com/jenkinsci/oic-auth-plugin/issues/418)) [@olamy](https://redirect.github.com/olamy) #### 👻 Maintenance - [JENKINS-73849](https://issues.jenkins.io/browse/JENKINS-73849) - [JEP-237](https://redirect.github.com/jenkinsci/jep/tree/master/jep/237) - remove the ability to disable SSL and token validation in FIPS mode ([#423](https://redirect.github.com/jenkinsci/oic-auth-plugin/issues/423)) [@PereBueno](https://redirect.github.com/PereBueno) #### 🚦 Tests - Switching tests to throw generic Exception ([#425](https://redirect.github.com/jenkinsci/oic-auth-plugin/issues/425)) [@PereBueno](https://redirect.github.com/PereBueno) #### ✍ Other changes - [JENKINS-73892](https://issues.jenkins.io/browse/JENKINS-73892) - un-inline script in `config.jelly` and fix existing behavior ([#427](https://redirect.github.com/jenkinsci/oic-auth-plugin/issues/427)) [@shlomomdahan](https://redirect.github.com/shlomomdahan) ### [`v4.388.v4f73328eb_d2c`](https://redirect.github.com/jenkinsci/oic-auth-plugin/releases/tag/4.388.v4f73328eb_d2c) [Compare Source](https://redirect.github.com/jenkinsci/oic-auth-plugin/compare/4.371.vc7c0c06e8a_f5...4.388.v4f73328eb_d2c) #### 💥 Breaking changes > \[!CAUTION] > The plugin now requires that the `Issuer` is set to enforce security and there is no option to disable this requirement as it is mandated in the Open ID Connect specification. > As such users who do not use automatic configuration via the well-known endpoint **must** first update to [4.355.v3a_fb_fca_b\_96d4](https://plugins.jenkins.io/oic-auth/releases/#version\_4.355.v3a_fb_fca_b\_96d4) and configure the `Issuer` **before** updating to this version. > Failure to do so will result in users unable to login, or Jenkins failing to start. > \[!CAUTION] > if using manual configuration and a `JWKS Server URL` has not been specified then either `disable token validation` will need to be enabled or the `JWKS Server URL` will need to be set **before** upgrading to this version. > Failure to do so will result in users unable to login. > \[!WARNING] > The option to send the scopes when requesting the access token has been removed (although is still present in the UI). Users of non conformant OPs that require this functionality should remain on the previous version until the Open ID Connect Originating Party (often referred to as the `iDP`) fixes their implementation. - Replace EOL Google Oauth library ([#409](https://redirect.github.com/jenkinsci/oic-auth-plugin/issues/409)) [@jtnord](https://redirect.github.com/jtnord) #### 📝 Documentation updates - document ADFS token lifetime for devs ([#420](https://redirect.github.com/jenkinsci/oic-auth-plugin/issues/420)) [@jtnord](https://redirect.github.com/jtnord) ### [`v4.371.vc7c0c06e8a_f5`](https://redirect.github.com/jenkinsci/oic-auth-plugin/releases/tag/4.371.vc7c0c06e8a_f5) [Compare Source](https://redirect.github.com/jenkinsci/oic-auth-plugin/compare/4.355.v3a_fb_fca_b_96d4...4.371.vc7c0c06e8a_f5) #### 🐛 Bug fixes - Redirect to login page in case token is expired instead of showing an error page ([#395](https://redirect.github.com/jenkinsci/oic-auth-plugin/issues/395)) [@eva-mueller-coremedia](https://redirect.github.com/eva-mueller-coremedia) #### 📝 Documentation updates - Update CasC documentation ([#417](https://redirect.github.com/jenkinsci/oic-auth-plugin/issues/417)) [@fcojfernandez](https://redirect.github.com/fcojfernandez) - Add developer docs ([#410](https://redirect.github.com/jenkinsci/oic-auth-plugin/issues/410)) [@jtnord](https://redirect.github.com/jtnord) ### [`v4.355.v3a_fb_fca_b_96d4`](https://redirect.github.com/jenkinsci/oic-auth-plugin/releases/tag/4.355.v3a_fb_fca_b_96d4) [Compare Source](https://redirect.github.com/jenkinsci/oic-auth-plugin/compare/4.354.v321ce67a_1de8...4.355.v3a_fb_fca_b_96d4) #### 🔒 Security fixes - Fix SECURITY-3441 ([1](https://www.jenkins.io/security/advisory/2024-10-02/#SECURITY-3441%20\(1\)), [2](https://www.jenkins.io/security/advisory/2024-10-02/#SECURITY-3441%20\(2\))). > \[!IMPORTANT] > When using the "Manual entry" configuration mode, the new "Issuer" field must be populated after updating to protect from this issue. When using "Discovery via well-known endpoint", the Issuer will be set automatically. ### [`v4.354.v321ce67a_1de8`](https://redirect.github.com/jenkinsci/oic-auth-plugin/releases/tag/4.354.v321ce67a_1de8) [Compare Source](https://redirect.github.com/jenkinsci/oic-auth-plugin/compare/4.350.v347c3b_8b_9d95...4.354.v321ce67a_1de8) #### 🐛 Bug fixes - Use endSessionUrl instead of endSessionEndpoint for manual configuration in UI ([#402](https://redirect.github.com/jenkinsci/oic-auth-plugin/issues/402)) [@eva-mueller-coremedia](https://redirect.github.com/eva-mueller-coremedia) #### 👻 Maintenance - Remove deprecated constructor ([#401](https://redirect.github.com/jenkinsci/oic-auth-plugin/issues/401)) [@jtnord](https://redirect.github.com/jtnord) ### [`v4.350.v347c3b_8b_9d95`](https://redirect.github.com/jenkinsci/oic-auth-plugin/releases/tag/4.350.v347c3b_8b_9d95) [Compare Source](https://redirect.github.com/jenkinsci/oic-auth-plugin/compare/4.346.v10401f543622...4.350.v347c3b_8b_9d95) #### 💥 Breaking changes - rework configuration of the plugin ([#399](https://redirect.github.com/jenkinsci/oic-auth-plugin/issues/399)) [@jtnord](https://redirect.github.com/jtnord) > \[!IMPORTANT] > The configuration format is backwards compatible with previous versions, but the casc format is not. > > configuration of the provider side has been moved into a `serverConfiguration` section and split to 2 different types `wellKnown` for configuration via a auto discovery and `manual` for manual configuration. > e.g. > for manual configuration: > > securityRealm: > oic: > serverConfiguration: > manual: > authorizationServerUrl: https://url.example.com/authorize > jwksServerUrl: https://jwks.example.com/jwks > tokenAuthMethod: client_secret_post > tokenServerUrl: https://token.example.com/token > scopes: scopes > > and for auto configuration: > > ``` > > securityRealm: > oic: > serverConfiguration: > wellKnown: > wellKnownOpenIDConfigurationUrl: https://idp.example.com:/someRealm/.well-known/openid-configuration > ``` > \[!CAUTION] > it has been reported [#412](https://redirect.github.com/jenkinsci/oic-auth-plugin/issues/412) that very old configuration may not be migrated correctly.\ > it is therefore recommended to explicitly save the configuration in `${JENKINS_URL}/manage/configureSecurity/` before upgrading if the configuration has not been changed recently and you are not using Config-as-Code to manage the settings #### ✍ Other changes - use batch mode for running maven ([#400](https://redirect.github.com/jenkinsci/oic-auth-plugin/issues/400)) [@jtnord](https://redirect.github.com/jtnord) ### [`v4.346.v10401f543622`](https://redirect.github.com/jenkinsci/oic-auth-plugin/releases/tag/4.346.v10401f543622) [Compare Source](https://redirect.github.com/jenkinsci/oic-auth-plugin/compare/4.340.ve70636c6590e...4.346.v10401f543622) #### 🐛 Bug fixes - Compare username based on ID strategy on token refresh ([#394](https://redirect.github.com/jenkinsci/oic-auth-plugin/issues/394)) [@eva-mueller-coremedia](https://redirect.github.com/eva-mueller-coremedia)jenkinsci/prometheus-plugin (jenkinsci/prometheus-plugin)
### [`v787.v52e8f47488fc`](https://redirect.github.com/jenkinsci/prometheus-plugin/releases/tag/787.v52e8f47488fc) [Compare Source](https://redirect.github.com/jenkinsci/prometheus-plugin/compare/784.vea_eca_f6592eb_...787.v52e8f47488fc) #### ✍ Other changes - Adding configuration option to exclude jobs from Prometheus metrics via Regex ([#699](https://redirect.github.com/jenkinsci/prometheus-plugin/issues/699)) [@Waschndolos](https://redirect.github.com/Waschndolos) #### 📦 Dependency updates - Bump org.jenkins-ci.plugins:plugin from 4.86 to 4.87 ([#693](https://redirect.github.com/jenkinsci/prometheus-plugin/issues/693)) [@dependabot](https://redirect.github.com/dependabot) - Bump org.mockito:mockito-junit-jupiter from 5.12.0 to 5.13.0 ([#694](https://redirect.github.com/jenkinsci/prometheus-plugin/issues/694)) [@dependabot](https://redirect.github.com/dependabot)jenkinsci/saml-plugin (jenkinsci/saml-plugin)
### [`v4.501.v4313a_01e3a_18`](https://redirect.github.com/jenkinsci/saml-plugin/releases/tag/4.501.v4313a_01e3a_18) [Compare Source](https://redirect.github.com/jenkinsci/saml-plugin/compare/4.496.v56a_6423dca_35...4.501.v4313a_01e3a_18) #### 🐛 Bug fixes - fix: [JENKINS-73816](https://issues.jenkins.io/browse/JENKINS-73816) - implement missing methods ([#452](https://redirect.github.com/jenkinsci/saml-plugin/issues/452)) [@kuisathaverat](https://redirect.github.com/kuisathaverat) #### 📦 Dependency updates - chore(deps-dev): bump org.testcontainers:testcontainers from 1.20.2 to 1.20.3 ([#450](https://redirect.github.com/jenkinsci/saml-plugin/issues/450)) [@dependabot](https://redirect.github.com/dependabot) - chore(deps): bump io.jenkins.tools.bom:bom-2.462.x from 3482.vc10d4f6da\_28a\_ to 3559.vb\_5b\_81183b_d23 ([#451](https://redirect.github.com/jenkinsci/saml-plugin/issues/451)) [@dependabot](https://redirect.github.com/dependabot) - chore(deps): bump org.jenkins-ci.plugins:plugin from 5.1 to 5.2 ([#448](https://redirect.github.com/jenkinsci/saml-plugin/issues/448)) [@dependabot](https://redirect.github.com/dependabot) - chore(deps): bump io.jenkins.tools.bom:bom-2.462.x from 3435.v238d66a\_043fb\_ to 3482.vc10d4f6da\_28a\_ ([#447](https://redirect.github.com/jenkinsci/saml-plugin/issues/447)) [@dependabot](https://redirect.github.com/dependabot) ### [`v4.496.v56a_6423dca_35`](https://redirect.github.com/jenkinsci/saml-plugin/releases/tag/4.496.v56a_6423dca_35) [Compare Source](https://redirect.github.com/jenkinsci/saml-plugin/compare/4.487.v9f1c3328f1c0...4.496.v56a_6423dca_35) #### 🚀 New features and improvements - Upgrade to pac4j 6.x, require Java 17 or newer, and migrate to EE 9 ([#446](https://redirect.github.com/jenkinsci/saml-plugin/issues/446)) [@basil](https://redirect.github.com/basil) #### 📝 Documentation updates - docs: [JENKINS-73751](https://issues.jenkins.io/browse/JENKINS-73751) - Redirecting to Base URL Rather than Original Requested URL ([#437](https://redirect.github.com/jenkinsci/saml-plugin/issues/437)) [@kuisathaverat](https://redirect.github.com/kuisathaverat) #### 📦 Dependency updates - chore(deps): bump io.jenkins.tools.bom:bom-2.462.x from 3413.v0d896b\_76a\_30d to 3435.v238d66a\_043fb\_ ([#443](https://redirect.github.com/jenkinsci/saml-plugin/issues/443)) [@dependabot](https://redirect.github.com/dependabot) - chore(deps-dev): bump org.testcontainers:testcontainers from 1.20.1 to 1.20.2 ([#442](https://redirect.github.com/jenkinsci/saml-plugin/issues/442)) [@dependabot](https://redirect.github.com/dependabot) - Upgrade plugin parent POM to latest ([#445](https://redirect.github.com/jenkinsci/saml-plugin/issues/445)) [@basil](https://redirect.github.com/basil) - chore(deps): bump io.jenkins.tools.bom:bom-2.462.x from 3387.v0f2773fa\_3200 to 3413.v0d896b\_76a\_30d ([#441](https://redirect.github.com/jenkinsci/saml-plugin/issues/441)) [@dependabot](https://redirect.github.com/dependabot) - chore(deps): bump io.jenkins.tools.bom:bom-2.462.x from 3358.vea_fa\_1f41504d to 3387.v0f2773fa\_3200 ([#439](https://redirect.github.com/jenkinsci/saml-plugin/issues/439)) [@dependabot](https://redirect.github.com/dependabot) - chore(deps): bump org.jenkins-ci.plugins:plugin from 4.87 to 4.88 ([#440](https://redirect.github.com/jenkinsci/saml-plugin/issues/440)) [@dependabot](https://redirect.github.com/dependabot) - chore(deps): bump io.jenkins.tools.bom:bom-2.462.x from 3334.v18e2a\_2f48356 to 3358.vea_fa\_1f41504d ([#438](https://redirect.github.com/jenkinsci/saml-plugin/issues/438)) [@dependabot](https://redirect.github.com/dependabot)Configuration
📅 Schedule: Branch creation - "after 7am and before 9am every weekday" in timezone America/New_York, Automerge - At any time (no schedule defined).
🚦 Automerge: Disabled by config. Please merge this manually once you are satisfied.
♻ Rebasing: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox.
👻 Immortal: This PR will be recreated if closed unmerged. Get config help if that's undesired.
This PR was generated by Mend Renovate. View the repository job log.