From ee15f60c9d2ede667a3501aa654f28eaffab2791 Mon Sep 17 00:00:00 2001
From: Michael Trimarchi <michael@amarulasolutions.com>
Date: Sun, 10 Dec 2023 09:41:46 +0100
Subject: [PATCH 1/4] bump to 2.387.3 to addressing XSS script vulnerability

Addressing CVE-2022-34185
Signed-off-by: Michael Trimarchi <michael@amarulasolutions.com>
---
 pom.xml | 9 ++-------
 1 file changed, 2 insertions(+), 7 deletions(-)

diff --git a/pom.xml b/pom.xml
index a2d00c7..e7c379f 100644
--- a/pom.xml
+++ b/pom.xml
@@ -5,18 +5,13 @@
     <parent>
         <groupId>org.jenkins-ci.plugins</groupId>
         <artifactId>plugin</artifactId>
-        <version>2.11</version>
+        <version>4.75</version>
         <relativePath />
     </parent>
 
     <properties>
         <!-- Baseline Jenkins version you use to build the plugin. Users must have this version or newer to run. -->
-        <jenkins.version>1.614</jenkins.version>
-        <!-- Other properties you may want to use:
-             ~ java.level: set to 6 if your jenkins.version <= 1.611 ~ jenkins-test-harness.version: Jenkins Test Harness version you use to test the plugin. For Jenkins version >= 1.580.1 use JTH 2.0 or higher.
-             ~ hpi-plugin.version: The HPI Maven Plugin version used by the plugin..
-             ~ stapler-plugin.version: The Stapler Maven plugin version required by the plugin.
-        -->
+        <jenkins.version>2.387.3</jenkins.version>
     </properties>
 
     <groupId>me.leejay.jenkins</groupId>

From 21c11f2f62c8db3c69043b725cdeda8e325966fe Mon Sep 17 00:00:00 2001
From: Michael Trimarchi <michael@amarulasolutions.com>
Date: Sun, 10 Dec 2023 09:43:14 +0100
Subject: [PATCH 2/4] index.jelly: Escape the title explicity

Addressing CVE-2022-34185
Signed-off-by: Michael Trimarchi <michael@amarulasolutions.com>
---
 .../dateparameter/DateParameterDefinition/index.jelly       | 6 +++---
 1 file changed, 3 insertions(+), 3 deletions(-)

diff --git a/src/main/resources/me/leejay/jenkins/dateparameter/DateParameterDefinition/index.jelly b/src/main/resources/me/leejay/jenkins/dateparameter/DateParameterDefinition/index.jelly
index 2921d56..26993df 100644
--- a/src/main/resources/me/leejay/jenkins/dateparameter/DateParameterDefinition/index.jelly
+++ b/src/main/resources/me/leejay/jenkins/dateparameter/DateParameterDefinition/index.jelly
@@ -2,11 +2,11 @@
 <j:jelly xmlns:j="jelly:core"
          xmlns:f="/lib/form"
 >
-
-    <f:entry title="${it.name}" description="${it.description}">
+    <j:set var="escapeEntryTitleAndDescription" value="false"/>
+    <f:entry title="${h.escape(it.name)}" description="${it.description}">
         <div name="parameter" description="${it.description}">
             <input type="hidden" name="name" value="${it.name}"/>
             <f:textbox name="value" value="${it.value}"/>
         </div>
     </f:entry>
-</j:jelly>
\ No newline at end of file
+</j:jelly>

From 3f1ffa3a2f7db0bb6ffa9919818ced59fff26f66 Mon Sep 17 00:00:00 2001
From: Michael Trimarchi <michael@amarulasolutions.com>
Date: Sun, 10 Dec 2023 10:04:28 +0100
Subject: [PATCH 3/4] [maven-release-plugin] prepare release v0.0.5

Signed-off-by: Michael Trimarchi <michael@amarulasolutions.com>
---
 pom.xml | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/pom.xml b/pom.xml
index e7c379f..8584e8d 100644
--- a/pom.xml
+++ b/pom.xml
@@ -16,7 +16,7 @@
 
     <groupId>me.leejay.jenkins</groupId>
     <artifactId>date-parameter</artifactId>
-    <version>0.0.5-SNAPSHOT</version>
+    <version>0.0.5</version>
     <packaging>hpi</packaging>
     <name>Date Parameter Plugin</name>
     <url>https://wiki.jenkins-ci.org/display/JENKINS/Date+Parameter+Plugin</url>
@@ -34,7 +34,7 @@
         <connection>scm:git:git://github.com/jenkinsci/date-parameter-plugin.git</connection>
         <developerConnection>scm:git:git@github.com:jenkinsci/date-parameter-plugin.git</developerConnection>
         <url>https://github.com/jenkinsci/date-parameter-plugin</url>
-      <tag>HEAD</tag>
+      <tag>v0.0.5</tag>
   </scm>
 
     <developers>

From ffca73641cdfb64e493bd27bf0d860669078eda8 Mon Sep 17 00:00:00 2001
From: Michael Trimarchi <michael@amarulasolutions.com>
Date: Sun, 10 Dec 2023 10:05:54 +0100
Subject: [PATCH 4/4] [maven-release-plugin] prepare for next development
 iteration

Signed-off-by: Michael Trimarchi <michael@amarulasolutions.com>
---
 pom.xml | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/pom.xml b/pom.xml
index 8584e8d..e89a587 100644
--- a/pom.xml
+++ b/pom.xml
@@ -16,7 +16,7 @@
 
     <groupId>me.leejay.jenkins</groupId>
     <artifactId>date-parameter</artifactId>
-    <version>0.0.5</version>
+    <version>0.0.6-SNAPSHOT</version>
     <packaging>hpi</packaging>
     <name>Date Parameter Plugin</name>
     <url>https://wiki.jenkins-ci.org/display/JENKINS/Date+Parameter+Plugin</url>
@@ -34,7 +34,7 @@
         <connection>scm:git:git://github.com/jenkinsci/date-parameter-plugin.git</connection>
         <developerConnection>scm:git:git@github.com:jenkinsci/date-parameter-plugin.git</developerConnection>
         <url>https://github.com/jenkinsci/date-parameter-plugin</url>
-      <tag>v0.0.5</tag>
+      <tag>HEAD</tag>
   </scm>
 
     <developers>