Bump the runtime-dependencies group with 2 updates

[dependabot]

Bumps the runtime-dependencies group with 2 updates: org.jenkins-ci.main:jenkins-core and org.jenkins-ci.plugins:credentials-binding.

Updates org.jenkins-ci.main:jenkins-core from 2.517 to 2.521

Release notes

Sourced from org.jenkins-ci.main:jenkins-core's releases.

2.521

This is an automatically generated changelog draft for Jenkins weekly releases. See https://www.jenkins.io/changelog/2.517/ for the official changelog for this release.

🚀 New features and improvements

• Refine bottom app bar appearance (#10853) @​janfaracik

All contributors: @​janfaracik, @​jenkins-release-bot, @​krisstern, @​renovate[bot] and renovate[bot]

2.520

This is an automatically generated changelog draft for Jenkins weekly releases. See https://www.jenkins.io/changelog/2.520/ for the official changelog for this release.

🚀 New features and improvements

• Refine Console URL Provider UI (#10839) @​janfaracik

🐛 Bug fixes

• JENKINS-75637 - Fix System configuration page no longer having breadcrumb navigation (#10715) @​janfaracik

👻 Maintenance

• Reduce jquery usage in jenkins.js (very simple start) (#10833) @​StefanSpieker

All contributors: @​StefanSpieker, @​github-actions[bot], @​janfaracik, @​jenkins-release-bot, @​jglick, @​jtnord, @​krisstern, @​renovate[bot], github-actions[bot] and renovate[bot]

2.519

This is an automatically generated changelog draft for Jenkins weekly releases. See https://www.jenkins.io/changelog/2.519/ for the official changelog for this release.

🚨 Removed

• Remove /extensionList/ URL (#10752) @​daniel-beck

🚀 New features and improvements

• Remove /extensionList/ URL (#10752) @​daniel-beck
• Refine colors and borders (#10814) @​janfaracik

🐛 Bug fixes

• JENKINS-75834 - limit the functionality to a specific reference (#10818) @​scherler

🌐 Localization and translation

• Migrate global build discarder from groovy to jelly and add German translation (#10835) @​StefanSpieker

👻 Maintenance

... (truncated)

Commits

• 32b9e8a [maven-release-plugin] prepare release jenkins-2.521
• 235d237 Update dependency io.jenkins.plugins:json-api to v20250517-163.v1c5da_e99c775...
• 338978e Update dependency io.jenkins.plugins:gson-api to v2.13.1-153.vb_3d0c48a_a_b_4...
• 42b1346 Update dependency io.jenkins.plugins:asm-api to v9.8-163.vb_2a_96d3f9c3c (#10...
• b5dd8e3 Update dependency io.jenkins.plugins:json-api to v20250517-163.v1c5da_e99c775
• 5b37a51 Update dependency io.jenkins.plugins:gson-api to v2.13.1-153.vb_3d0c48a_a_b_4a_
• bc77f6a Update dependency io.jenkins.plugins:asm-api to v9.8-163.vb_2a_96d3f9c3c
• fa039f8 Update eslint monorepo to v9.32.0 (#10875)
• 71d4b45 Update dependency io.jenkins.plugins:font-awesome-api to v7 (#10874)
• 80d928e Update dependency io.jenkins.plugins:design-library to v403 (#10873)
• Additional commits viewable in compare view

Updates org.jenkins-ci.plugins:credentials-binding from 687.689.v1a_f775332fc9 to 702.vfe613e537e88

Release notes

Sourced from org.jenkins-ci.plugins:credentials-binding's releases.

702.vfe613e537e88

🐛 Bug fixes

• JENKINS-75914 - Do not mask empty secrets (#378) @​Kevin-CB

📦 Dependency updates

• Bump io.jenkins.tools.bom:bom-2.479.x from 4488.v7fe26526366e to 5043.v855ff4819a_0f (#375) @dependabot[bot]
• Bump org.xmlunit:xmlunit-matchers from 2.10.0 to 2.10.3 (#370) @dependabot[bot]
• Bump org.jenkins-ci.plugins:plugin from 5.9 to 5.18 (#372) @dependabot[bot]
• Bump io.jenkins.tools.incrementals:git-changelist-maven-extension from 1.8 to 1.10 (#374) @dependabot[bot]

696.v256688029804

🔒 Security

• Fix SECURITY-3499

Commits

• See full diff in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot merge will merge this PR after your CI passes on it
• @dependabot squash and merge will squash and merge this PR after your CI passes on it
• @dependabot cancel merge will cancel a previously requested merge and block automerging
• @dependabot reopen will reopen this PR if it is closed
• @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
• @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
• @dependabot ignore <dependency name> major version will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)
• @dependabot ignore <dependency name> minor version will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)
• @dependabot ignore <dependency name> will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)
• @dependabot unignore <dependency name> will remove all of the ignore conditions of the specified dependency
• @dependabot unignore <dependency name> <ignore condition> will remove the ignore condition of the specified dependency and ignore conditions