jenkinsci / last-changes-plugin

https://plugins.jenkins.io/last-changes
https://plugins.jenkins.io/last-changes/
31 stars 30 forks source link

Bump git-client from 2.7.0 to 2.8.5 #87

Closed dependabot[bot] closed 2 years ago

dependabot[bot] commented 2 years ago

Bumps git-client from 2.7.0 to 2.8.5.

Release notes

Sourced from git-client's releases.

Git Client Plugin 2.8.5

🐛 Bug Fixes

  • SECURITY-1534 - Fix system command execution vulnerability in ls-remote for users with Job/Configure permissions @​MarkEWaite
  • JENKINS-41066 - Allow embedded username and password in repository URL
  • JENKINS-56257 - Allow embedded username and password in repository URL

Git Client Plugin 2.8.4

🚀 New features and improvements

Git Client Plugin 2.8.3

🚀 New features and improvements

📦 Dependency updates

Git Client Plugin 2.8.2

Test Automation Fix

  • Automated tests repaired when tests run as user root (#450 MarkEWaite)

Git Client Plugin 2.8.1

Improve OpenSSH support on Windows

🐛 Bug Fixes

Git Client Plugin 2.7.7.1

🐛 Bug Fixes

Git Client Plugin 2.7.4.1

🐛 Bug Fixes

... (truncated)

Commits
  • ce1b99e [maven-release-plugin] prepare release git-client-2.8.5
  • 701c12c Test with remote URL checking enabled and disabled
  • 899123f [SECURITY-1534] Prevent remote execution by repo URL
  • 04d2c15 Add SECURITY-1534 tests
  • 883343d Options should precede operands to git commands
  • 04f6e15 [maven-release-plugin] prepare for next development iteration
  • 72add81 [maven-release-plugin] prepare release git-client-2.8.4
  • 41d04e1 Really use GitHub README for docs
  • 46da7a8 [maven-release-plugin] prepare for next development iteration
  • 2125ff4 [maven-release-plugin] prepare release git-client-2.8.3
  • Additional commits viewable in compare view


Dependabot compatibility score

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.


Dependabot commands and options
You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) - `@dependabot use these labels` will set the current labels as the default for future PRs for this repo and language - `@dependabot use these reviewers` will set the current reviewers as the default for future PRs for this repo and language - `@dependabot use these assignees` will set the current assignees as the default for future PRs for this repo and language - `@dependabot use this milestone` will set the current milestone as the default for future PRs for this repo and language You can disable automated security fix PRs for this repo from the [Security Alerts page](https://github.com/jenkinsci/last-changes-plugin/network/alerts).
dependabot[bot] commented 2 years ago

Superseded by #90.