We're adding "warnings" to the update sites that inform users (mostly) about security issues in core and plugins they're using.
This should also show up on the plugins site.
- Warnings can be issued for plugins that aren't currently being published
- Warnings can be issued for past or current releases (the latter needing to be more visible, i.e. no fixed version)
See https://github.com/jenkinsci/backend-update-center2/pull/96 for the current draft format. The resource file contents are a new top-level element in the update-site.json object with the key 'warnings'.