timja
commented
3 years ago James has used a combination of tools (revapi, https://github.com/jenkins-infra/usage-in-plugins...) to identify plugins that need to be assessed.
He explained in https://groups.google.com/g/jenkinsci-dev/c/aYUJ4VuOuVc/m/Kqwu5Aw-AQAJ
Copying the list of plugins here for ease of access (we should likely create a jira for each line)
42crunch-security-audit
active-directory
alauda-kubernetes-support
alauda-pipeline
alibabacloud-ecs
anchore-container-scanner
antisamy-markup-formatter
argus-notifier
artifact-manager-s3
artifactory
atlassian-jira-software-cloud
audit-trail
aws-beanstalk-publisher-plugin
aws-sqs
aws-yum-parameter
azure-acs
azure-ad
azure-app-service
azure-batch-parallel
azure-commons
azure-container-agents
azure-container-registry-tasks
azure-credentials
azure-dev-spaces
azure-function
azure-vm-agents
azure-vmss
bart
behave-testresults-publisher
bitbucket-pullrequest-builder
blackduck-detect
blueocean-bitbucket-pipeline
blueocean-commons
blueocean-git-pipeline
blueocean-github-pipeline
blueocean-jira
blueocean-pipeline-api-impl
blueocean-pipeline-scm-api
blueocean-rest
blueocean-rest-impl
browserstack-integration
build-failure-analyzer
build-history-metrics-plugin
build-monitor-plugin
build-user-vars-plugin
caliper-ci
cerberus-testing
checkmarx
cloudbees-analytics
cloudbees-api-client
cloudbees-assurance
cloudbees-github-reporting
cloudbees-jsync-archiver
cloudbees-platform-common
cloudbees-rbac-auto-configurer
cloudbees-servicenow-jenkins-plugin
cloudbees-unified-ui
cloudbees-workflow-template
cloudfoundry-bosh-cli
cloudhub-deployer
codebeamer-coverage-publisher
coding-webhook
collabnet
compuware-ispw-operations
configuration-as-code
confluence-publisher
consul-kv-builder
coverity
cucumber-reports
cucumber-testresult-plugin
database
debian-package-builder
defensics
delivery-pipeline-plugin
depgraph-view
deploydb
deployit-plugin
deployment-sphere
devoptics
discobit-autoconfig
docker-build-step
docker-java-api
docker-plugin
docker-traceability
DotCi
DotCi-InstallPackages
DotCiInstallPackages
easyqa
ec2
ec2-deployment-dashboard
ec2-fleet
elastest
elasticbox
electricflow
envinject
envinject-api
esr-feeder
esr-reporter
Exclusion
extreme-feedback
ez-templates
flaky-test-handler
gating-core
gcp-secrets-manager-credentials-provider
gcr-scanner
gearman-plugin
gerrit-code-review
gerrit-trigger
gerrit-verify-status-reporter
ghprb
git-bisect
git-changelog
git-client
gitee
github
github-autostatus
github-oauth
github-pullrequest
gitlab-oauth
gitlab-plugin
gogs-webhook
google-admin-sdk
google-analytics-usage-reporter
google-cloud-backup
google-cloud-health-check
google-cloudbuild
google-compute-engine
google-container-registry-auth
google-deployment-manager
google-kubernetes-engine
google-oauth-plugin
google-source-plugin
google-storage-plugin
gradle
gravatar
headspin
hipchat
http_request
hubot-steps
hudson-wsclean-plugin
ibm-cloud-devops
in-toto
inedo-buildmaster
inedo-proget
influxdb-query
instana
ios-device-connector
ircbot
jacoco
jclouds-jenkins
jenkins-cloudfoundry-uaa
jgiven
jira
jira-steps
jira-trigger
JiraTestResultReporter
jms-messaging
job-node-stalker
jobgenerator
jslint
junit
kubernetes
kubernetes-cd
label-linked-jobs
lambdatest-automation
loadimpact-plugin
logstash
mabl-integration
machine-learning
marathon
master-provisioning-core
master-provisioning-kubernetes
maven-dependency-update-trigger
maven-invoker-plugin
maven-release-cascade
mesos
minio
minio-storage
miniorange-saml-sp
nectar-vmware
neoload-jenkins-plugin
nodelabelparameter
nodepool-agents
octoperf
ontrack
openedge
openshift-deployer
openshift-login
openstack-cloud
openstack-heat
opentelemetry
operations-center-analytics
operations-center-analytics-feeder
operations-center-analytics-reporter
operations-center-context
operations-center-monitoring
operations-center-server
operations-center-sso
oracle-cloud-infrastructure-compute
package-parameter
parameterized-trigger
perfecto
performance
periodicbackup
pipeline-aws
pipeline-cloudwatch-logs
pipeline-huaweicloud-plugin
pipeline-model-api
pipeline-model-definition
project-inheritance
radargun-reporting
rally-plugin
rapid7-insightvm-container-assessment
release-helper
reliza-integration
relution-publisher
repository
repository-connector
requests
rocketchatnotifier
role-strategy
rundeck
sahagin
saml
sauce-ondemand
scm-api
scm-httpclient
scm-manager
scm-sqs
scm-sync-configuration
screenrecorder
sectioned-view
seed
selenium
selenium-builder
service-fabric
service-now
servicenow-cicd
sitemonitor
slave-proxy
smilehubnotifier
sms
sonar
sonar-gerrit
split-admin
splunk-devops
splunk-devops-extend
spoonscript
spring-config
spring-initalzr
srcclr-installer
ssh-slaves
stackrox-container-image-scanner
sysdig-secure
telegram-notifications
telerik-appbuilder-plugin
testInProgress
testsigma
tics
timestamper
tuleap-api
tuleap-git-branch-source
uipath-automation-package
unleash
usemango-runner
venafi-vcert
violation-comments-to-stash
vmware-vrealize-automation-plugin
vrealize-automation-8
vsphere-cloud
whitesource
wikitext
workflow-api
workflow-basic-steps
workflow-cps
workflow-support
xframium
xlrelease-plugin
xvnc
yet-another-docker-plugin
zanata
zephyr-for-jira-test-management
zos-connector
As development team, we want to know which plugins are using non-backward Guava APIs so we adapt them in advance of bumping the guava version inside Jenkins Core.
Originally reported by batmat, imported from: Identify plugins impacted by Guava upgrade