Kevin Guerroudj
Kevin is a member of the Jenkins security team.
Context Jenkins is an open-source CI/CD solution that is extensible with a wide range of plugins that can be installed using the Jenkins plugin distribution repository or via manual installation. This extensibility is a powerful feature of Jenkins, but it is a critical aspect that has to be secured to avoid risks and vulnerabilities that can impact the Jenkins system. The internship took...
Highlights Jenkins 2.397 and 2.387.2 are both using new Linux repository signing keys. The Pipeline graph view plugin continues to evolve and improve as a Pipeline visualization replacement for Blue Ocean. The number of pull requests merged for jenkins.io crossed into triple digits this month (101). Contributed by: Mark Waite Jenkins' installers for Debian and Red Hat have all been signed with new PGP private...
Highlights FOSDEM 2023 insights Jenkins is a mentor organization for Google Summer of Code Several container image updates Jenkins Awards voting is now open Contributed by: Alyssa Tong FOSDEM 2023 Returning to FOSDEM for the first in-person event since COVID was both exciting and nostalgic for our Jenkins contributors. It was exciting to see the same crowd size and enthusiasm by attendees. Many thanks to the wonderful FOSDEM organizers...
Context Jenkins is a CI/CD solution and as such, it is critical that the open source plugins that constitute an integral part of it don’t expose the systems they are used on to any security risks and vulnerabilities. It is in that context that we worked as an audit/code review team to track and report such flaws and problematic practices. We worked in...
