forked from mallowlabs/bitbucket-oauth-plugin
-
Notifications
You must be signed in to change notification settings - Fork 20
/
Copy pathCHANGELOG
77 lines (44 loc) · 2.8 KB
/
CHANGELOG
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
# Version History
### Version 0.14 (11 Feb, 2025)
* Minimum Java version is now 11 (related: [PR #9](https://github.com/jenkinsci/bitbucket-oauth-plugin/pull/9))
* Recommended Jenkins version is now 2.462.3+ (related: [PR #9](https://github.com/jenkinsci/bitbucket-oauth-plugin/pull/9))
* Updated gson to version 2.8.9
### Version 0.13 (25 Dec, 2022)
* [SECURITY-2981] Fixed CSRF vulnerability in OAuth flow
* [SECURITY-2982] Fixed session fixation vulnerability
### Version 0.12 (19 Dec, 2021)
* Changed README for [the Jenkins documentation system](https://www.jenkins.io/doc/developer/publishing/documentation/)
### Version 0.11 (19 Dec, 2021)
* Fixed using of deprecated `teams` API. (related: [Pull Request #8](https://github.com/jenkinsci/bitbucket-oauth-plugin/pull/8))
If you update 0.10 to 0.11, change role names.
* `admin` to `owner`
* `contributor` to `collaborator`
For example if your role name is `team1::admin`, change the role name to `team1::owner`.
### Version 0.10 (14 Oct, 2019)
* [SECURITY-1546] Fixed client secret is saved in plain text (Notice: I recommend that you re-save Jenkins security configuration.)
### Version 0.9 (19 Jan, 2019)
* Fixed infinite redirect loop on Jenkins 2.150.2 (related: [JENKINS-55668](https://issues.jenkins-ci.org/browse/JENKINS-55668) )
### Version 0.8 (3 Jan, 2019)
* Changed Bitbucket OAuth 1.0 to OAuth 2.0 (Notice: **You have to specify the Callback URL in Bitbucket OAuth setting page**)
* Changed Bitbucket API v1 to v2 (Notice: **You have to add Account Read permission in Bitbucket OAuth setting page**)
* Changed secret key input field to password
bitbucket-oauth-plugin changed using OAuth version 1.0 to 2.0.
If you got **invalid redirect_uri** error in login, you hove to specify Callback URL in Bitbucket OAuth setting page.
bitbucket-oauth-plugin changed using Bitbucket API endpoint v1 to v2.
You have to change permissions: **Account > Read and Team membership > Read**
### Version 0.7 (1 May, 2018)
* Fixed Groovy example did not work
Version 0.6 (25 Feb, 2018)
* Added Bitbucket API 2.0 support (Pluign requires Account Read Permission only)
* Added spport for adding user authorities based on bitbucket team/role (related: [Pull Request #11](https://github.com/mallowlabs/bitbucket-oauth-plugin/pull/11))
### Version 0.5 (5 Jun, 2016)
* Fixed ClassCastException (related: [JENKINS-34792](https://issues.jenkins-ci.org/browse/JENKINS-34792) )
### Version 0.4 (14 May, 2014)
* Fixed broken api token access (related: [JENKINS-21882](https://issues.jenkins-ci.org/browse/JENKINS-21882) )
### Version 0.3 (31 Jul, 2013)
* Works on reverse proxy environments ( Use Jenkins URL configuration instead of request URL )
### Version 0.1 (29 May, 2013)
* Initial release