Merge pull request #1568 from gocd/release-23-5-0

Add release notes for 23.5.0
gocd · Dec 30, 2023 · cd976fd · cd976fd
2 parents 4297ba8 + 9aeb8b0
commit cd976fd
Show file tree

Hide file tree

Showing 2 changed files with 51 additions and 3 deletions.
diff --git a/source/partials/release_notes/_release-23-5-0.md.erb b/source/partials/release_notes/_release-23-5-0.md.erb
@@ -0,0 +1,45 @@
+This release is a maintenance and bug-fix release.
+
+<h4>Enhancements</h4>
+
+* <%= link_to_issue 12353, 'Starting this release, Alpine 3.19 based container images for GoCD Agent are' %> <%= link_to 'available', 'https://hub.docker.com/r/gocd/gocd-agent-alpine-3.19' %>.
+* <%= link_to_issue 12353, 'Build the default GoCD Server image on Alpine 3.19' %>
+* <%= link_to_issue 12212, 'Make template selector dropdowns alphabetically sorted' %>
+
+<h4>Bug fixes</h4>
+
+* <%= link_to_issue 12220, 'Console view toolbar not shown after scrolling on v23.4.0' %>
+* <%= link_to_issue 12305, 'Unable to pick stage from Add Material menu in Chrome on MacOS Sonoma' %>
+* <%= link_to_issue 12389, 'Fix disappearing second+ stages on VSM view after clicking a stage' %>
+* <%= link_to_issue 12392, 'Correct display of "cancelled by" for stage runs other than that being viewed' %>
+
+<h4>Security fixes</h4>
+
+We regularly fix security issues reported by security researchers & upgrade dependencies to mitigate known vulnerabilities.
+Upgrading to the latest release is always recommended.
+
+There are no security fixes specifically known to affect GoCD included in this release.
+
+<h4>APIs</h4>
+
+Improvements, deprecations and breaking changes in the API and plugin API have been moved to their respective changelogs
+- <%= link_to_versioned_api '23.5.0','changes-in-23-5-0', 'API changelog for 23.5.0' %> and
+  <%= link_to_versioned_plugin_api '23.5.0','changes-in-gocd-23-5-0', 'Plugin API changelog for 23.5.0' %>.
+
+<h4>Contributors</h4>
+
+<%= [
+  "Aravind SV",
+  "Chad Wilson",
+  "Chris Gillatt",
+  "Lewis Jales-Huggins",
+].sort.uniq.join(', ')
+%>
+
+<h4>Note</h4>
+
+A more comprehensive list of changes for this release can be found <%= link_to_full_changelog 'here.', 'Release 23.5.0' %>
+
+Found a security issue that needs fixing? Please report it to <%= link_to 'https://hackerone.com/gocd', 'https://hackerone.com/gocd' %>
+
+Please report any issues that you observe on [GitHub issues](https://github.com/gocd/gocd/issues).
diff --git a/source/posts/2023-02-13-gocd-project-status.html.markdown.erb b/source/posts/2023-02-13-gocd-project-status.html.markdown.erb
@@ -99,7 +99,7 @@ The **"good"** news:
 - We believe GoCD was built with solid security principles in mind that have generally stood the test of time.
 - Software dependencies incorporated within GoCD are _generally_ still under active development, and thus being
   patched/updated. These are being incorporated into new GoCD releases without major issue.
-- GoCD runs on and is built/test using modern, maintained language runtimes (Java 17 LTS, NodeJS 18 LTS, Ruby 3.1)
+- GoCD runs on and is built/test using modern, maintained language runtimes (Java 17 LTS, NodeJS 20 LTS, Ruby 3.1)
 - GoCD continues to have good compatibility with latest operating systems, which can be extended to its supported
   [Docker images](/download.html).
 
@@ -115,15 +115,18 @@ The **"not-so-good"** news:
   of languages used across the codebase and many different features that make it difficult for a small team to support.
   Keeping on top of all of these requires non-trivial effort, and is likely not indefinitely sustainable with the current
   contributor/maintainer community size.
-- At time of writing, GoCD does depend on some libraries/frameworks which require significant effort to upgrade, but are
+- At time of writing _(updated: December 2023)_, GoCD does depend on some libraries/frameworks which require significant effort to upgrade, but are
   end-of-life, and thus present some level of ongoing risk. If a major vulnerability is discovered in these libraries/frameworks
   that affects GoCD it will either require an urgent upgrade, or forking and patching of those libraries/frameworks. The
   community is not well placed to manage this kind of development. To help you assess risk, at time of writing, they include (but may not be limited to)
 
   - Spring Framework 4.3 (EOL December 2020)
   - Spring Security 4.2 (EOL October 2020)
   - Hibernate ORM 3.6 (EOL February 2012)
-  - A small part of the UI relies on [AngularJS](https://angularjs.org/) 1 and PrototypeJS 1.6
+  - A small part of the UI relies on
+    - [AngularJS](https://angularjs.org/) 1.0 - plugin view templating support (EOL November 2013)
+    - <del>[jQuery](https://jquery.com/) 1.7 - stage and build/job detail views</del> (subsequent upgraded in GoCD 23.4.0)
+    - <del>PrototypeJS 1.6 - stage and build/job detail views</del> (subsequently replaced with jQuery in GoCD 23.5.0)
 
 ### How can my organization or myself help with maintenance of GoCD?