Bump git from 4.1.0 to 4.2.2

[dependabot-preview]

Bumps git from 4.1.0 to 4.2.2.

Release notes

Sourced from git's releases.

Git Plugin 4.2.2

📝 Documentation updates

• Fix documentation URL in pom @MarkEWaite

📦 Dependency updates

• Bump xmlunit-matchers from 2.6.3 to 2.6.4 (#853) @dependabot
• Bump plugin from 3.56 to 3.57 (#849) @dependabot

🚦 Tests

• Add UserIdentityTest to improve code coverage in git-plugin (#851) @rishabhBudhouliya
• Addition of unit test for WipeWorkspace extension behavior in GitSCM (#852) @rishabhBudhouliya

Git Plugin 4.2.1

⚡️ Security Fix

• Prevent stored cross-site scripting vulnerability in Team Foundation Server error message - SECURITY-1723

Git Plugin 4.2.0

🚀 New features and improvements

• JENKINS-59828 - : Expand support for the SCM API 2.0 to support tags (#776) @steven-terrana
• JENKINS-61065 - Allow disabling of multi candidate scheduling (#829) @Hickstone

🐛 Bug Fixes

• JENKINS-48625 - Restore binding of doCheckUrl methods and add some initial checks (#841) @rishabhBudhouliya
• JENKINS-57660 - Addition of a doCheck validation method for invalid refSpec (#826) @rishabhBudhouliya
• JENKINS-38608 - Report clearly if the Repo URL is empty (#821) @rishabhBudhouliya

📦 Dependency updates

• Exclude jsoup from git plugin jpi packaging (#842) @MarkEWaite
• Bump maven-checkstyle-plugin from 3.1.0 to 3.1.1 (#840) @dependabot
• Bump equalsverifier from 3.1.11 to 3.1.12 (#831) @dependabot

📝 Documentation updates

• Fix various documentation errors (#838) @MarkEWaite
• Add docs from wiki (#837) @MarkEWaite
• Refine the web hook and notify commit docs (#836) @MarkEWaite
• Restore Push notification documentation (#835) @nterray
• Use docs from tagged release (#819) @MarkEWaite

🚦 Tests

• Tests for MergeWithSCMExtention.java (#834) @Loghijiaha

Git Plugin 4.1.1

📝 Documentation updates

... (truncated)

Commits

• 580f578 [maven-release-plugin] prepare release git-4.2.2
• a1c761b Merge pull request #851 from rishabhBudhouliya/UserIdentityTest
• f46eebf Merge pull request #852 from rishabhBudhouliya/WipeWorkspaceTest
• 5b1b9cd Merge remote-tracking branch 'upstream/v4.2.x'
• 1ab4aa7 Bump xmlunit-matchers from 2.6.3 to 2.6.4
• 0c41d45 A small change in before() method to run equalsContract() test
• 5f4f05b Removed duplicate code and added @WithoutJenkins
• 4cfc649 Removed duplicate set extension in SCM line and added @WithoutJenkins for equ...
• 8d8cc36 Addition of unit test for WipeWorkspace and force clone extension behavior in...
• 0a675bc Update UserIdentityTest: Removed unnecessary imports
• Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot merge will merge this PR after your CI passes on it
• @dependabot squash and merge will squash and merge this PR after your CI passes on it
• @dependabot cancel merge will cancel a previously requested merge and block automerging
• @dependabot reopen will reopen this PR if it is closed
• @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
• @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
• @dependabot badge me will comment on this PR with code to add a "Dependabot enabled" badge to your readme

Additionally, you can set the following in the .dependabot/config.yml file in this repo:

• Update frequency
• Automerge options (never/patch/minor, and dev/runtime dependencies)
• Out-of-range updates (receive only lockfile updates, if desired)
• Security updates (receive only security updates, if desired)

[jglick]

check after #208

[timja]

jenkinsci/git-plugin#841

[2020-04-08T09:00:33.747Z] Require upper bound dependencies error for commons-beanutils:commons-beanutils:1.8.3 paths to dependency are:

[2020-04-08T09:00:33.747Z] +-io.jenkins.tools.bom:sample:7-rc308.f604c5110698

[2020-04-08T09:00:33.747Z]   +-org.jenkins-ci.main:jenkins-core:2.164.3

[2020-04-08T09:00:33.747Z]     +-commons-beanutils:commons-beanutils:1.8.3

[2020-04-08T09:00:33.747Z] and

[2020-04-08T09:00:33.747Z] +-io.jenkins.tools.bom:sample:7-rc308.f604c5110698

[2020-04-08T09:00:33.747Z]   +-org.jenkins-ci.plugins:git:4.2.2

[2020-04-08T09:00:33.747Z]     +-commons-validator:commons-validator:1.6

[2020-04-08T09:00:33.747Z]       +-commons-beanutils:commons-beanutils:1.9.2

[2020-04-08T09:00:33.747Z] and

[2020-04-08T09:00:33.747Z] +-io.jenkins.tools.bom:sample:7-rc308.f604c5110698

[2020-04-08T09:00:33.747Z]   +-org.jenkins-ci.main:jenkins-core:2.164.3

[2020-04-08T09:00:33.747Z]     +-org.kohsuke.stapler:json-lib:2.4-jenkins-2

[2020-04-08T09:00:33.747Z]       +-commons-beanutils:commons-beanutils:1.8.0

[2020-04-08T09:00:33.747Z] and

[2020-04-08T09:00:33.747Z] +-io.jenkins.tools.bom:sample:7-rc308.f604c5110698

[2020-04-08T09:00:33.747Z]   +-org.jenkins-ci.main:jenkins-core:2.164.3

[2020-04-08T09:00:33.747Z]     +-commons-digester:commons-digester:2.1

[2020-04-08T09:00:33.747Z]       +-commons-beanutils:commons-beanutils:1.8.3

[2020-04-08T09:00:33.747Z] and

[2020-04-08T09:00:33.747Z] +-io.jenkins.tools.bom:sample:7-rc308.f604c5110698

[2020-04-08T09:00:33.747Z]   +-org.jenkins-ci.main:jenkins-core:2.164.3

[2020-04-08T09:00:33.747Z]     +-commons-jelly:commons-jelly-tags-xml:1.1

[2020-04-08T09:00:33.747Z]       +-commons-beanutils:commons-beanutils:1.6

[2020-04-08T09:00:33.747Z] and

[2020-04-08T09:00:33.747Z] +-io.jenkins.tools.bom:sample:7-rc308.f604c5110698

[2020-04-08T09:00:33.747Z]   +-org.jenkins-ci.main:jenkins-core:2.164.3

[2020-04-08T09:00:33.747Z]     +-org.kohsuke.stapler:stapler-jrebel:1.256

[2020-04-08T09:00:33.747Z]       +-org.kohsuke.stapler:stapler:1.256

[2020-04-08T09:00:33.747Z]         +-commons-beanutils:commons-beanutils:1.8.3

[2020-04-08T09:00:33.747Z] and

[2020-04-08T09:00:33.747Z] +-io.jenkins.tools.bom:sample:7-rc308.f604c5110698

[2020-04-08T09:00:33.747Z]   +-org.jenkins-ci.main:jenkins-core:2.164.3

[2020-04-08T09:00:33.747Z]     +-org.kohsuke.stapler:stapler-groovy:1.256

[2020-04-08T09:00:33.747Z]       +-org.kohsuke.stapler:stapler-jelly:1.256

[2020-04-08T09:00:33.747Z]         +-org.jenkins-ci:commons-jelly:1.1-jenkins-20120928

[2020-04-08T09:00:33.747Z]           +-commons-beanutils:commons-beanutils:1.7.0

[timja]

Fixed in jenkinsci/git-plugin#862 unreleased

[timja]

needs a release of the git plugin and a newer lts baseline added to bom

[jglick]

(#214)

[jglick]

still broken

[jetersen]

@dependabot rebase

[timja]

@dependabot merge