From 5b8b0b94c733491be8b9ccbee52af03bb09c12ac Mon Sep 17 00:00:00 2001
From: Mark Waite <mark.earl.waite@gmail.com>
Date: Sat, 30 Aug 2025 03:32:12 -0600
Subject: [PATCH 1/7] Use parent pom 5.24 for Java 25 support

Java 25 releases Sep 16, 2025 and Jenkins wants to support Java 25 soon
after its release.  This pom upgrade allows the plugin to compile and
test with Java 25.
---
 pom.xml                                                         | 2 +-
 .../jenkinsci/plugins/pipeline/github/CommitGroovyObject.java   | 1 -
 .../plugins/pipeline/github/IssueCommentGroovyObject.java       | 1 -
 .../plugins/pipeline/github/PullRequestGroovyObject.java        | 1 -
 .../plugins/pipeline/github/ReviewCommentGroovyObject.java      | 1 -
 5 files changed, 1 insertion(+), 5 deletions(-)

diff --git a/pom.xml b/pom.xml
index f4ea4df..db4f48e 100644
--- a/pom.xml
+++ b/pom.xml
@@ -5,7 +5,7 @@
     <parent>
         <groupId>org.jenkins-ci.plugins</groupId>
         <artifactId>plugin</artifactId>
-        <version>5.8</version>
+        <version>5.24</version>
         <relativePath />
     </parent>
 
diff --git a/src/main/java/org/jenkinsci/plugins/pipeline/github/CommitGroovyObject.java b/src/main/java/org/jenkinsci/plugins/pipeline/github/CommitGroovyObject.java
index 81f05db..d3bf8c3 100644
--- a/src/main/java/org/jenkinsci/plugins/pipeline/github/CommitGroovyObject.java
+++ b/src/main/java/org/jenkinsci/plugins/pipeline/github/CommitGroovyObject.java
@@ -39,7 +39,6 @@
  * @author Aaron Whiteside
  * @see RepositoryCommit
  */
-@SuppressFBWarnings("SE_BAD_FIELD")
 public class CommitGroovyObject extends GroovyObjectSupport implements Serializable {
     private static final long serialVersionUID = 1L;
 
diff --git a/src/main/java/org/jenkinsci/plugins/pipeline/github/IssueCommentGroovyObject.java b/src/main/java/org/jenkinsci/plugins/pipeline/github/IssueCommentGroovyObject.java
index 4a05cdd..13d5e34 100644
--- a/src/main/java/org/jenkinsci/plugins/pipeline/github/IssueCommentGroovyObject.java
+++ b/src/main/java/org/jenkinsci/plugins/pipeline/github/IssueCommentGroovyObject.java
@@ -21,7 +21,6 @@
  * @author Aaron Whiteside
  * @see Comment
  */
-@SuppressFBWarnings("SE_BAD_FIELD")
 public class IssueCommentGroovyObject extends GroovyObjectSupport implements Serializable {
     private static final long serialVersionUID = 1L;
 
diff --git a/src/main/java/org/jenkinsci/plugins/pipeline/github/PullRequestGroovyObject.java b/src/main/java/org/jenkinsci/plugins/pipeline/github/PullRequestGroovyObject.java
index d7873a3..ed1cc08 100644
--- a/src/main/java/org/jenkinsci/plugins/pipeline/github/PullRequestGroovyObject.java
+++ b/src/main/java/org/jenkinsci/plugins/pipeline/github/PullRequestGroovyObject.java
@@ -50,7 +50,6 @@
  * @see ExtendedPullRequest
  */
 @PersistIn(PersistenceContext.NONE)
-@SuppressFBWarnings("SE_BAD_FIELD")
 public class PullRequestGroovyObject extends GroovyObjectSupport implements Serializable {
 
     private static final long serialVersionUID = 1L;
diff --git a/src/main/java/org/jenkinsci/plugins/pipeline/github/ReviewCommentGroovyObject.java b/src/main/java/org/jenkinsci/plugins/pipeline/github/ReviewCommentGroovyObject.java
index 3b8feb5..8af2524 100644
--- a/src/main/java/org/jenkinsci/plugins/pipeline/github/ReviewCommentGroovyObject.java
+++ b/src/main/java/org/jenkinsci/plugins/pipeline/github/ReviewCommentGroovyObject.java
@@ -21,7 +21,6 @@
  * @author Aaron Whiteside
  * @see ExtendedCommitComment
  */
-@SuppressFBWarnings("SE_BAD_FIELD")
 public class ReviewCommentGroovyObject extends GroovyObjectSupport implements Serializable {
     private static final long serialVersionUID = 1L;
 

From 727a2db7f5c180a7443c182351e6ae7922940cd4 Mon Sep 17 00:00:00 2001
From: Mark Waite <mark.earl.waite@gmail.com>
Date: Sat, 30 Aug 2025 03:40:30 -0600
Subject: [PATCH 2/7] Require Jenkins 2.479.3 instead of 2.479.1

Some of the dependencies in the final release of the plugin BOM require 2.479.3
---
 pom.xml | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/pom.xml b/pom.xml
index db4f48e..14c2e9b 100644
--- a/pom.xml
+++ b/pom.xml
@@ -18,7 +18,7 @@
         <changelist>999999-SNAPSHOT</changelist>
         <!-- https://www.jenkins.io/doc/developer/plugin-development/choosing-jenkins-baseline/ -->
         <jenkins.baseline>2.479</jenkins.baseline>
-        <jenkins.version>${jenkins.baseline}.1</jenkins.version>
+        <jenkins.version>${jenkins.baseline}.3</jenkins.version>
         <gitHubRepo>jenkinsci/${project.artifactId}-plugin</gitHubRepo>
     </properties>
 
@@ -59,7 +59,7 @@
             <dependency>
                 <groupId>io.jenkins.tools.bom</groupId>
                 <artifactId>bom-${jenkins.baseline}.x</artifactId>
-                <version>3944.v1a_e4f8b_452db_</version>
+                <version>5054.v620b_5d2b_d5e6</version>
                 <type>pom</type>
                 <scope>import</scope>
             </dependency>

From 96962efd842a755cae83d38226cec7e788466e38 Mon Sep 17 00:00:00 2001
From: Mark Waite <mark.earl.waite@gmail.com>
Date: Sat, 30 Aug 2025 03:42:48 -0600
Subject: [PATCH 3/7] Declare dependencies explicitly

Prevent accidental addition of new dependencies from updates.
---
 pom.xml | 2 ++
 1 file changed, 2 insertions(+)

diff --git a/pom.xml b/pom.xml
index 14c2e9b..97c81e4 100644
--- a/pom.xml
+++ b/pom.xml
@@ -16,6 +16,8 @@
     <properties>
         <revision>2.8</revision>
         <changelist>999999-SNAPSHOT</changelist>
+        <hpi.bundledArtifacts>org.eclipse.egit.github.core</hpi.bundledArtifacts>
+        <hpi.strictBundledArtifacts>true</hpi.strictBundledArtifacts>
         <!-- https://www.jenkins.io/doc/developer/plugin-development/choosing-jenkins-baseline/ -->
         <jenkins.baseline>2.479</jenkins.baseline>
         <jenkins.version>${jenkins.baseline}.3</jenkins.version>

From a20c3a33d65290ffdd5c81cc6e2b3116b57e4c08 Mon Sep 17 00:00:00 2001
From: Mark Waite <mark.earl.waite@gmail.com>
Date: Sat, 30 Aug 2025 06:06:40 -0600
Subject: [PATCH 4/7] Test with Java 25 on ci.jenkins.io

---
 Jenkinsfile | 1 +
 1 file changed, 1 insertion(+)

diff --git a/Jenkinsfile b/Jenkinsfile
index 8b7fd8d..cf37cff 100644
--- a/Jenkinsfile
+++ b/Jenkinsfile
@@ -1,4 +1,5 @@
 buildPlugin(useContainerAgent: true, configurations: [
   [platform: 'linux', jdk: 21],
   [platform: 'windows', jdk: 17],
+  [platform: 'linux', jdk: 25],
 ])

From 6217d36cab7453784caee514c89a5dcd6330fb3a Mon Sep 17 00:00:00 2001
From: Mark Waite <mark.earl.waite@gmail.com>
Date: Sat, 25 Oct 2025 08:22:27 -0600
Subject: [PATCH 5/7] Test with Java 25 and Java 21

No benefit to test with Java 17 since we are generating Java 17 byte
code from the Java 21 and Java 25 compilers and have never found an
issue that was specific to using Java 17.
---
 Jenkinsfile | 3 +--
 1 file changed, 1 insertion(+), 2 deletions(-)

diff --git a/Jenkinsfile b/Jenkinsfile
index cf37cff..668da86 100644
--- a/Jenkinsfile
+++ b/Jenkinsfile
@@ -1,5 +1,4 @@
 buildPlugin(useContainerAgent: true, configurations: [
-  [platform: 'linux', jdk: 21],
-  [platform: 'windows', jdk: 17],
   [platform: 'linux', jdk: 25],
+  [platform: 'windows', jdk: 21],
 ])

From b932cb68f47c369aaa2fe3f3efbe5d44fc1fe6b0 Mon Sep 17 00:00:00 2001
From: Mark Waite <mark.earl.waite@gmail.com>
Date: Sat, 25 Oct 2025 08:24:18 -0600
Subject: [PATCH 6/7] Use parent pom 5.27

Most recent parent pom, latest updates
---
 pom.xml | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/pom.xml b/pom.xml
index 97c81e4..02605cc 100644
--- a/pom.xml
+++ b/pom.xml
@@ -5,7 +5,7 @@
     <parent>
         <groupId>org.jenkins-ci.plugins</groupId>
         <artifactId>plugin</artifactId>
-        <version>5.24</version>
+        <version>5.27</version>
         <relativePath />
     </parent>
 

From fd996991fe0e1d95963290c67a688208fc17c703 Mon Sep 17 00:00:00 2001
From: Mark Waite <mark.earl.waite@gmail.com>
Date: Sat, 25 Oct 2025 08:27:55 -0600
Subject: [PATCH 7/7] Require Jenkins 2.504.3 or newer

Jenkins versions prior to 2.504.1 are affected by security advisories:

* https://www.jenkins.io/security/advisory/2025-04-02/#SECURITY-3512
* https://www.jenkins.io/security/advisory/2025-04-02/#SECURITY-3513
* https://www.jenkins.io/security/advisory/2025-03-05/#SECURITY-3495
* https://www.jenkins.io/security/advisory/2025-03-05/#SECURITY-3496
* https://www.jenkins.io/security/advisory/2025-03-05/#SECURITY-3498
* https://www.jenkins.io/security/advisory/2025-03-05/#SECURITY-3501

https://www.jenkins.io/doc/developer/plugin-development/choosing-jenkins-baseline/
recommends 2.504.3 as the minimum Jenkins baseline.

Plugin BOM updates have stopped for earlier versions.
---
 pom.xml | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/pom.xml b/pom.xml
index 02605cc..678334e 100644
--- a/pom.xml
+++ b/pom.xml
@@ -19,7 +19,7 @@
         <hpi.bundledArtifacts>org.eclipse.egit.github.core</hpi.bundledArtifacts>
         <hpi.strictBundledArtifacts>true</hpi.strictBundledArtifacts>
         <!-- https://www.jenkins.io/doc/developer/plugin-development/choosing-jenkins-baseline/ -->
-        <jenkins.baseline>2.479</jenkins.baseline>
+        <jenkins.baseline>2.504</jenkins.baseline>
         <jenkins.version>${jenkins.baseline}.3</jenkins.version>
         <gitHubRepo>jenkinsci/${project.artifactId}-plugin</gitHubRepo>
     </properties>
@@ -61,7 +61,7 @@
             <dependency>
                 <groupId>io.jenkins.tools.bom</groupId>
                 <artifactId>bom-${jenkins.baseline}.x</artifactId>
-                <version>5054.v620b_5d2b_d5e6</version>
+                <version>5601.v59f37270a_349</version>
                 <type>pom</type>
                 <scope>import</scope>
             </dependency>