2024-04-15T18:00:00Z

15 Apr 2024

Attendees

• @NotMyFault (Alexander Brandes)
• @uhafner (Ullrich Hafner)
• @gounthar (Bruno Verachten)
• @MarkEWaite (Mark Waite)
• Srikanth Jana
• @kmartens27 (Kevin Martens)

Upcoming Calendar

• Next weekly release: 2.454
• Next LTS: 2.440.3, April 17, 2024
• Next major events:
  • cdCon 2024 April 16-18, 2024
    • Co-located with Open Source Summit North America in Seattle, WA, USA
    • Mark Waite and Basil Crow will attend

Agenda

News

• Jenkins has been accepted to Google Summer of Code 2024, see Blog post from Alyssa Tong
  • Grading is in progress
• Jenkins awards will be announced at cdCon Wednesday 17 Apr 2024. These awards recognize contributions from individuals in the community and the progress made in the name of Jenkins. Nominated candidates are:
  • Most Valuable Jenkins Advocate:
    • Alexander Brandes
    • Bruno Verachten
    • Darin Pope
    • Kris Stern
  • Most Valuable Jenkins Contributor:
    • Basil Crow
    • Daniel Beck
    • Kris Stern
    • Stefan Spieker
    • Tim Jacomb
    • Ullrich Hafner
  • Jenkins Security MVP:
    • Alvaro Muñoz
    • Yaniv Nizry

Action Items

• Basil create the attribution entries for the downloads page
  • Jenkins sponsors have changed
  • Continues on the to-do list
  • Draft PR is almost ready for review at: Add a Sponsors page by basil · Pull Request #6882 · jenkins-infra/jenkins.io · GitHub
• Kevin Martens retire the Chinese Jenkins site
  • Mark needs to do more Kubernetes setup, then Kevin and Mark will meet with Damien
  • More work pending

Community activity

• Contributor Spotlight this week: Herve’ Lemeur

Governance Topics

• Azure expense status
  • March expenses were $4400 USD - nicely under $5000 budget
    • Special thanks to Damien, Herve, and Stephane for cost reductions
• AWS credits donation
  • Credits have been received, work started to apply credits to Jenkins tasks
• AWS credit application for 2025
  • Mark Waite to submit our application
  • AWS will decide on 2025 donations in June 2024
    • Mark to complete before end of April
• Spring Security 5.8.x end of public support
  • Last public build of Spring security framework 5.8.x is August 2024
    • Spring security 6.x requires Jetty 11 with Jakarta EE 9 (jakarta.servlet), not Jetty 10 with Jakarta EE 8 (javax.servlet)
    • August 31, 2024 date seems likely to stick
  • Last public build of Spring framework 5.3.x is August 2024
    • Spring framework 6.1 and later require Java 17
  • Alternatives:
    • Accept that if there is a security vulnerability reported in Spring security 5.8.x between August 2024 and end Oct 2024, we may need to fork Spring Security and fix it ourselves
    • Mark started discussion in the mailing list to find alternatives