Devin Nusbaum

Integrated into https://github.com/jenkinsci/workflow-job-plugin/pull/470 for simplicity.

@jetersen Any chance you can help get this released?

I don't know if Yaroslav is still active in the Jenkins project. It is unfortunate that https://github.com/jenkinsci/bitbucket-branch-source-plugin/commit/ad359b3d2d8d6c114025d81abc59b3c9acb636df did not add any tests. Here are the reproduction steps from the security...

@Dohbedoh Yaroslav asked me to pass on some info from when he worked on the security ticket initially. The reason he made the one-line change that you are proposing to...

> The Secret is easier to read and clone, since it effectively carries the plaintext data as a Base64 String value which can be encoded/decoded for serialization to disk or...

> A memory-dump snapshot of those is not immediately readable, unlike a Secret, which probably is the point of this class. [This comment](https://github.com/jenkinsci/credentials-plugin/pull/64#issuecomment-230792338) and the reply make me think that...

> Now, what about this-here PR? To me and my tasks it brings "immediate relief" for an issue at hand; you seem to be in favor of deeper design changes.....

Anyway, since I am trying to be helpful and not just nitpicky (😄), take a look at https://github.com/jenkinsci/credentials-plugin/compare/master...dwnusbaum:credentials-plugin:JENKINS-70101 to see what a fix that changes `SecretBytes` to use unencrypted data...

> return (ExecutorService) Executors.class.getMethod("newVirtualThreadPerTaskExecutor").invoke(null); My (limited) understanding of the current state with virtual threads was that unless you are running homogenous tasks that you know do not use `synchronized`, you...

FTR @jgreffe if you want to update the PR description here is some extra context: `opentelemetry` wants to make it possible for other plugins to augment the traces produced for...