Hello, I am taking care of a library that was produced/updated by a GSoC project: pipeline-metadata-utils <https://github.com/jenkins-infra/pipeline-metadata-utils>. It is not a plugin *per se*. Thus I am in unfamiliar territory.
I need/want to keep this library up to date as I am concerned that a major bump is required (ex: dropping Java 8) and that I am overseeing it. I feel very uncomfortable doing this and would appreciate some eyes on this to give me some advice. Here are my doubts/questions: - The pom.xml uses the jenkins 1.92 parent pom. It is tracked by dependabot and seems to be the latest. Is this assumption correct? Is there a link/relation with the plugin parent pom? - It uses the weekly bom (tracked by dependabot). I guess that this is OK. Is this assumption correct? What is the added value of using the weekly bom instead of the LTS one? - The "base" jenkins version is defined as a dependency and is tracked by dependabot to follow the weekly release. This is OK and in line with the above. Is this assumption correct ? - The Jenkinsfile defines, via the "tool" command, JDK11 as the build environment. This probably implies only Linux which would be OK as the tool using this library is running only on the Jenkins (linux) infrastructure. Should this be updated to JDK17? - I guess that all these dependencies live correctly in symbiosis. Or am I missing something? - What would be the recommended release cadence (not triggered by new features or bug fixes)? Just leave it like that or should I release it, say every 6 months, to be sure that old (faulty/unsecure?) dependencies are not pulled into the instance. I think all is good and correctly maintained. Just would like to have a confirmation of that as well as improvement suggestions. /- Jmm -- You received this message because you are subscribed to the Google Groups "Jenkins Developers" group. To unsubscribe from this group and stop receiving emails from it, send an email to jenkinsci-dev+unsubscr...@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/jenkinsci-dev/CABLvyXxP03OKVFEh9U0_y25Y4YN06FwqpJE_%3DuFnALz%3DfJcjMA%40mail.gmail.com.
