fix(deps): update dependency org.jenkins-ci.plugins:aws-credentials to v248

[mend-5034428]

This PR contains the following updates:

Package	Change	Age	Adoption	Passing	Confidence
org.jenkins-ci.plugins:aws-credentials	1.23 -> 248.v78a_dcfc9db_ff

---

Release Notes

jenkinsci/aws-credentials-plugin (org.jenkins-ci.plugins:aws-credentials)

v248.v78a_dcfc9db_ff

Compare Source

🐛 Bug fixes

• Force region for client (#​291) @​olamy

📦 Dependency updates

• Bump org.jenkins-ci.plugins:plugin from 5.16 to 5.17 (#​288) @​dependabot[bot]
• Bump org.jenkins-ci.plugins:plugin from 4.88 to 5.9 (#​277) @​dependabot[bot]

v245.v8a_1b_7c11a_94d

Compare Source

👻 Maintenance

• Require 2.479.1 or newer (#​275) @​basil

v243.v41c19a_fb_5dcf

Compare Source

🐛 Bug fixes

• Fix NPE (#​271) @​basil

v242.v8d05df911e3d

Compare Source

🐛 Bug fixes

• Only use accessKey and secretKey if they are not blank (#​265) @​samholton

👻 Maintenance

• Use versions from BOM (#​262) @​basil

v240.v6d844a_6f5480

Compare Source

🐛 Bug fixes

• Fix "NullPointerException: Access key ID cannot be blank" (#​260) @​basil

v239.v6681a_0ea_46ef

Compare Source

👻 Maintenance

• Adapt to removal of STS module (#​259) @​basil

v238.v8fb_588a_2b_e67

Compare Source

🚀 New features and improvements

• JENKINS-73649 - Use AWS SDK for Java 2.x (#​254) @​basil

✍ Other changes

• Enable Jenkins Security Scan (#​245) @​strangelookingnerd

📦 Dependency updates

• Bump org.jenkins-ci.plugins:plugin from 4.75 to 4.86 (#​244) @​dependabot
• Bump io.jenkins.tools.incrementals:git-changelist-maven-extension from 1.7 to 1.8 (#​243) @​dependabot

v231.v08a_59f17d742

Compare Source

👷 Changes for plugin developers

• Silence warnings for fields with no getters (#​238) @​rsandell

✍ Other changes

• Test with Java 21 (#​230) @​MarkEWaite

v218.v1b_e9466ec5da_

Compare Source

👷 Changes for plugin developers

• Refresh plugin for August 2023 (#​229) @​basil

📝 Documentation updates

• Even though this plugin was initially open-sourced from CloudBees work, it shouldn't be branded as CloudBees. (#​127) @​Vlatombe

👻 Maintenance

• chore: use jenkins infra maven cd reusable workflow (#​150) @​jetersen
• Replacing JSR-305 javax.annotations with Spotbugs (#​193) @​aneveux
• Increase spotbugs checks and fix redundant interface declaration (#​189) @​aneveux
• Updating parent pom and bom (#​188) @​aneveux

📦 Dependency updates

• Bump jenkins-infra/interesting-category-action from 1.0.0 to 1.2.1 (#​178) @​dependabot
• Bump jenkins-infra/verify-ci-status-action from 1.2.0 to 1.2.2 (#​176) @​dependabot
• Bump git-changelist-maven-extension from 1.3 to 1.6 (#​198) @​dependabot
• Bump actions/checkout from 2.4.0 to 3.3.0 (#​190) @​dependabot
• Bump jenkins-infra/jenkins-maven-cd-action from 1.2.0 to 1.3.3 (#​195) @​dependabot
• Bump actions/setup-java from 2.5.0 to 3.10.0 (#​196) @​dependabot

v191.vcb_f183ce58b_9

Compare Source

🐛 Bug fixes

• [SECURITY-2351] CVE-2022-27198 (CSRF), CVE-2022-27199 (permission check)

CloudBees AWS Credentials Plugin 189.v3551d5642995 and earlier does not perform a permission check in a method implementing form validation. Additionally, this form validation method does not require POST requests, resulting in a cross-site request forgery (CSRF) vulnerability.

v189.v3551d5642995

🐛 Bug fixes

• JENKINS-67452 - Do not add blank external ids (#​125) @​jtnord

📦 Dependency updates

• Bump plugin from 4.28 to 4.33 (#​123) @​dependabot
• Bump git-changelist-maven-extension from 1.2 to 1.3 (#​120) @​dependabot

👻 Maintenance

• Enable CD for this plugin (#​126) @​Vlatombe

---

Configuration

📅 Schedule: Branch creation - At any time (no schedule defined), Automerge - At any time (no schedule defined).

🚦 Automerge: Disabled by config. Please merge this manually once you are satisfied.

♻ Rebasing: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox.

🔕 Ignore: Close this PR and you won't be reminded about this update again.

---

• If you want to rebase/retry this PR, check this box

---

disabled