Jenkins BOM and base Jenkins version
23 views
Skip to first unread message
Mark Waite
Nov 23, 2020, 12:23:54 PM11/23/20
to Jenkins Developers
The git plugin currently requires Jenkins 2.204.1 and uses the plugin bom to simplify dependency management. I like the results of that simplification very much.
A dependabot pull request has proposed to update the git plugin use of bom-2.204.x from 17 to 18. However, the build of that proposed update fails because one of the dependent plugins requires Jenkins 2.204.6 rather than 2.204.1.
I believe my options are:
- Update the minimum Jenkins version required by the git plugin from 2.204.1 to 2.222.1 to retain the benefits of the plugin bom and move the minimum version forward to one of the currently recommended minimum versions - few users affected, reduces maintenance by reducing number of older Jenkins versions allowed to use the plugin
- Update the minimum Jenkins version required by the git plugin from 2.204.1 to 2.204.6 to retain the benefits of the plugin bom with least chance of disrupting existing users (though the number of users of Jenkins 2.204.x using newer versions of the git plugin is quite small based on stats.jenkins.io - even fewer users affected, retains benefits of the bom
- Close the pull request updating bom-2.204.x from 17 to 18 and make that change at some other time - suspends benefits of plugin bom until the next time the Jenkins minimum version is incremented
I prefer the first option (update from 2.204.1 to 2.222.1 as minimum version). Are there reasons I should consider something other than that?
Mark Waite
Matt Sicker
Nov 23, 2020, 12:30:20 PM11/23/20
to jenkin...@googlegroups.com
Whichever LTS version you use should probably be kept up to date with
the latest security patch version for that LTS. No preference from me
on 2.204.x versus 2.222.x.
> --
> You received this message because you are subscribed to the Google Groups "Jenkins Developers" group.
> To unsubscribe from this group and stop receiving emails from it, send an email to jenkinsci-de...@googlegroups.com.
> To view this discussion on the web visit https://groups.google.com/d/msgid/jenkinsci-dev/f61faad1-4f67-4920-b68a-b75b4b124d64n%40googlegroups.com.
--
Matt Sicker
Senior Software Engineer, CloudBees
the latest security patch version for that LTS. No preference from me
on 2.204.x versus 2.222.x.
> You received this message because you are subscribed to the Google Groups "Jenkins Developers" group.
> To unsubscribe from this group and stop receiving emails from it, send an email to jenkinsci-de...@googlegroups.com.
> To view this discussion on the web visit https://groups.google.com/d/msgid/jenkinsci-dev/f61faad1-4f67-4920-b68a-b75b4b124d64n%40googlegroups.com.
--
Matt Sicker
Senior Software Engineer, CloudBees
Tim Jacomb
Nov 23, 2020, 1:07:14 PM11/23/20
to jenkin...@googlegroups.com
If it help the docs are recommending either 2.222 or 2.235
To view this discussion on the web visit https://groups.google.com/d/msgid/jenkinsci-dev/CAEot4oxW8RMu0ZyWYEdkjOZ5yARaSyvmSuEVq_4pfZtxb9JD6A%40mail.gmail.com.
Basil Crow
Nov 23, 2020, 1:18:43 PM11/23/20
to jenkin...@googlegroups.com
The documentation says: "Prefer .1 LTS releases over weekly versions and later releases within an LTS line for greater compatibility." cloudbees-folder seems to use 2.204.6 because its dependency snakeyaml-api uses 2.204.6. I am curious if there is a particular reason for this or if snakeyaml-api (and therefore cloudbees-folder) could use 2.204.1 (as recommended by the documentation) instead. Apologies in advance if I am missing something obvious.
Ullrich Hafner
Nov 23, 2020, 2:24:20 PM11/23/20
to Jenkins Developers
I’m not sure if it makes sense to revert that for existing releases. However, we should double check every time we upgrade to a new baseline that we use the .1 version. Currently we already have some new plugin releases that require a core of 1.222.4 (and not 1.222.1). This should be avoided.
I think going with 1.222.1 would be a good choice.
Am 23.11.2020 um 19:17 schrieb Basil Crow <m...@basilcrow.com>:
The documentation says: "Prefer .1 LTS releases over weekly versions and later releases within an LTS line for greater compatibility." cloudbees-folder seems to use 2.204.6 because its dependency snakeyaml-api uses 2.204.6. I am curious if there is a particular reason for this or if snakeyaml-api (and therefore cloudbees-folder) could use 2.204.1 (as recommended by the documentation) instead. Apologies in advance if I am missing something obvious.
--
You received this message because you are subscribed to the Google Groups "Jenkins Developers" group.
To unsubscribe from this group and stop receiving emails from it, send an email to jenkinsci-de...@googlegroups.com.
To view this discussion on the web visit https://groups.google.com/d/msgid/jenkinsci-dev/CAFwNDjo%2BNM5UJpAO4fyTf7BdRraUWc8_3kjT2zK5RM1VywFJ4Q%40mail.gmail.com.
Jesse Glick
Nov 23, 2020, 2:32:38 PM11/23/20
to Jenkins Dev
On Mon, Nov 23, 2020 at 1:18 PM Basil Crow <m...@basilcrow.com> wrote:
> The documentation says
Yes; no solid consensus here:
https://github.com/jenkins-infra/jenkins.io/pull/3643#discussion_r475615780
I would suggest 2.204.6 but if you prefer 2.204.1 I am also fine with
cutting an extra release of `cloudbees-folder` if `snakeyaml-api` also
gets one:
https://github.com/jenkinsci/cloudbees-folder-plugin/pull/169#discussion_r528945008
> The documentation says
Yes; no solid consensus here:
https://github.com/jenkins-infra/jenkins.io/pull/3643#discussion_r475615780
I would suggest 2.204.6 but if you prefer 2.204.1 I am also fine with
cutting an extra release of `cloudbees-folder` if `snakeyaml-api` also
gets one:
https://github.com/jenkinsci/cloudbees-folder-plugin/pull/169#discussion_r528945008
Reply all
Reply to author
Forward
0 new messages