-
Notifications
You must be signed in to change notification settings - Fork 111
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
restore java8 compatability #106
base: main
Are you sure you want to change the base?
Conversation
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
trilead-ssh2/.github/dependabot.yml
Lines 3 to 6 in a4b1c4f
- package-ecosystem: "maven" | |
directory: "/" | |
schedule: | |
interval: "weekly" |
I would expect a human review to be obvious as the diff will show
|
I do not see a strong reason to restore Java 8 compatibility, in less than 30 days Jenkins will not support it. |
We have some Legacy support that requires Java8 connections for Jenkins ssh-slave plugins |
And nothing is stopping you from running the current plugin version on your server, which is presumably older than 2.357 which dropped Java 8 support. This issue is about new plugin releases. |
Jenkins core >=2.357 will require Java 11. If you use trilead-api >= 1.71.v9e7860a_67a_df, the agents connected to this Jenkins must use Java 11 too. The recommendation is to use the same JDK on the Jenkins Controller and Jenkins Agents. |
I think this PR can be closed |
@kuisathaverat there have been tons of complaints within my company that the new version required JDK11 while many were still stuck on java 8 (atleast for a short while more) |
Someone outside Jenkins is still using Trilead? It should be considered deprecated. |
@jglick We're using |
@jglick so what would you recommend instead? mina-sshd was probably not fully ready at that point but is probably good enough today. We wrap Trilead in our own API and use it to connect to huge amount of ssh servers of different kinds and it has always worked fantastic for our endusers, All error blamed on Trilead has almost always been user error, crappy ssh server or network setup. Swapping ssh library would mostly be a headache for us, and would only cause toons of minor integration issues for our users, like the disconnect taking 50ms longer or stupid stuff like that. |
I am porting the SSH build agent to mina-sshd, it is nice than Trilead at API level and is well documented. I also have test connectbot that was my first option to shade that library replacing only a few classes that are Jenkins implementations, was fine too. Finally, I chose Apache Mina SSHD because the Apache foundation is behind and is well documented.
We are the only ones who use and maintain this library. Security issues and updates come slow because we are limited people. Other libraries like Apache Mina SSHD are well maintained. Trilead SSH2 library is a really old code with a bunch of outdated ways to make stuff, and in some cases really odd and unjustified. It is really hard to maintain, when we add a new feature it is really easy to break something, in deed we did many times, it is really time consuming. |
See JENKINS-69229.
revert the parent update that enforces java11 and does not give a nice way to go back to java 8.
(we would have to change 2 properties, as well as override parts of the enforcer - but then we would still require java11 to build/release which is not ideal when we want to be extra careful that we are correctly restoring lost functionality)
with this version of the parent spotbugs reports a lot of issues and as we are fine with the reports before this change (I guess false positives that have been fixed) I have just disabled spotbugs for the moment.
maven-enforcer-plugin
is checking the bytecode of all the libraries, whilst it excludesjbcrypt
this is version 1.0.0 that has been included for over 5 years so this should not be causing any new issues.Submitter checklist