-
-
Notifications
You must be signed in to change notification settings - Fork 1k
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Host Finite State Third Party Upload Plugin #3930
Comments
Security audit, information and commands The security team is auditing all the hosting requests, to ensure a better security by default. This message informs you that a Jenkins Security Scan was triggered on your repository. CommandsThe bot will parse all comments, and it will check if any line start with a command. Security team only:
Anyone:
Only one command can be requested per comment. (automatically generated message, version: 1.28.4) |
Hello from your friendly Jenkins Hosting Checker It appears you have some issues with your hosting request. Please see the list below and correct all issues marked Required. Your hosting request will not be approved until these issues are corrected. Issues marked with Warning or Info are just recommendations and will not stall the hosting process.
You can re-trigger a check by editing your hosting request or by commenting |
The Jenkins Security Scan discovered 23 finding(s) 🔍. Please follow the instructions below for every identified issues:
After addressing the findings through one of the above methods:
Jenkins: Missing permission check on a form fill web method with credentials lookupYou can find detailed information about this finding here. ThirdPartyUploadRecorder.java#374
ThirdPartyUploadRecorder.java#364
ThirdPartyUploadRecorder.java#354
Stapler: Missing POST/RequirePOST annotationYou can find detailed information about this finding here. ThirdPartyUploadRecorder.java#418
ThirdPartyUploadRecorder.java#414
ThirdPartyUploadRecorder.java#410
ThirdPartyUploadRecorder.java#406
ThirdPartyUploadRecorder.java#401
ThirdPartyUploadRecorder.java#396
ThirdPartyUploadRecorder.java#391
ThirdPartyUploadRecorder.java#374
ThirdPartyUploadRecorder.java#364
ThirdPartyUploadRecorder.java#354
Stapler: Missing permission checkYou can find detailed information about this finding here. ThirdPartyUploadRecorder.java#418
ThirdPartyUploadRecorder.java#414
ThirdPartyUploadRecorder.java#410
ThirdPartyUploadRecorder.java#406
ThirdPartyUploadRecorder.java#401
ThirdPartyUploadRecorder.java#396
ThirdPartyUploadRecorder.java#391
ThirdPartyUploadRecorder.java#374
ThirdPartyUploadRecorder.java#364
ThirdPartyUploadRecorder.java#354
|
Hello from your friendly Jenkins Hosting Checker It appears you have some issues with your hosting request. Please see the list below and correct all issues marked Required. Your hosting request will not be approved until these issues are corrected. Issues marked with Warning or Info are just recommendations and will not stall the hosting process.
You can re-trigger a check by editing your hosting request or by commenting |
Hello from your friendly Jenkins Hosting Checker It appears you have some issues with your hosting request. Please see the list below and correct all issues marked Required. Your hosting request will not be approved until these issues are corrected. Issues marked with Warning or Info are just recommendations and will not stall the hosting process.
You can re-trigger a check by editing your hosting request or by commenting |
Hello from your friendly Jenkins Hosting Checker It appears you have some issues with your hosting request. Please see the list below and correct all issues marked Required. Your hosting request will not be approved until these issues are corrected. Issues marked with Warning or Info are just recommendations and will not stall the hosting process.
You can re-trigger a check by editing your hosting request or by commenting |
Hello from your friendly Jenkins Hosting Checker It appears you have some issues with your hosting request. Please see the list below and correct all issues marked Required. Your hosting request will not be approved until these issues are corrected. Issues marked with Warning or Info are just recommendations and will not stall the hosting process.
You can re-trigger a check by editing your hosting request or by commenting |
In addition to other comments from the bot, I'd invite you to provide a description of your plugin in https://github.com/FiniteStateInc/third-party-upload-jenkins/blob/7da850e81091fb80701dc43c3866ebabbaf941e3/src/main/resources/index.jelly#L3. Rather than depending on the |
/request-security-scan |
The Jenkins Security Scan discovered 23 finding(s) 🔍. Please follow the instructions below for every identified issues:
After addressing the findings through one of the above methods:
Jenkins: Missing permission check on a form fill web method with credentials lookupYou can find detailed information about this finding here. ThirdPartyUploadRecorder.java#374
ThirdPartyUploadRecorder.java#364
ThirdPartyUploadRecorder.java#354
Stapler: Missing POST/RequirePOST annotationYou can find detailed information about this finding here. ThirdPartyUploadRecorder.java#418
ThirdPartyUploadRecorder.java#414
ThirdPartyUploadRecorder.java#410
ThirdPartyUploadRecorder.java#406
ThirdPartyUploadRecorder.java#401
ThirdPartyUploadRecorder.java#396
ThirdPartyUploadRecorder.java#391
ThirdPartyUploadRecorder.java#374
ThirdPartyUploadRecorder.java#364
ThirdPartyUploadRecorder.java#354
Stapler: Missing permission checkYou can find detailed information about this finding here. ThirdPartyUploadRecorder.java#418
ThirdPartyUploadRecorder.java#414
ThirdPartyUploadRecorder.java#410
ThirdPartyUploadRecorder.java#406
ThirdPartyUploadRecorder.java#401
ThirdPartyUploadRecorder.java#396
ThirdPartyUploadRecorder.java#391
ThirdPartyUploadRecorder.java#374
ThirdPartyUploadRecorder.java#364
ThirdPartyUploadRecorder.java#354
|
/request-security-scan |
The Jenkins Security Scan discovered 10 finding(s) 🔍. Please follow the instructions below for every identified issues:
After addressing the findings through one of the above methods:
Stapler: Missing POST/RequirePOST annotationYou can find detailed information about this finding here. ThirdPartyUploadRecorder.java#395
ThirdPartyUploadRecorder.java#376
ThirdPartyUploadRecorder.java#357
Stapler: Missing permission checkYou can find detailed information about this finding here. ThirdPartyUploadRecorder.java#455
ThirdPartyUploadRecorder.java#450
ThirdPartyUploadRecorder.java#445
ThirdPartyUploadRecorder.java#440
ThirdPartyUploadRecorder.java#434
ThirdPartyUploadRecorder.java#428
ThirdPartyUploadRecorder.java#422
|
@NotMyFault Should I open another PR when I have all the changes merge in main branch?. Nowadays I have open a PR that is waiting to be reviewed that fix all the stuff related with the security scan |
Repository URL
https://github.com/FiniteStateInc/third-party-upload-jenkins
New Repository Name
finite-state-third-party-upload-plugin
Description
The Finite State third-party-upload allows you to easily integrate the Finite State Platform into Jenkins.
GitHub users to have commit permission
@cpfarherFinitestate @phillipcurl
Jenkins project users to have release permission
finitestateinc
Issue tracker
GitHub issues
The text was updated successfully, but these errors were encountered: