New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
[JENKINS-71034] [JENKINS-71035] [JENKINS-71036] [JENKINS-71037] Improve CSP compatibility #7893
Conversation
Failures seem related to some ATH changes, re-triggered the build to see if it's confirmed or not. |
Please take a moment and address the merge conflicts of your pull request. Thanks! |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
I tested each of these changes locally, they all seems good and correctly remove the reported CSP warnings.
Testing done
Tested manually whether the behaviour is the same before and after the fix. Did certain modifications in Java code to make it easier to reach corresponding Jelly templates.
Unsure if the UI part has any test coverage. I can try to write some unit tests for certain bits to make sure functionality isn't broken if you tell me it's needed.
Proposed changelog entries
Proposed upgrade guidelines
N/A
Submitter checklist
New public classes, fields, and methods are annotated with@Restricted
or have@since TODO
Javadocs, as appropriate.New deprecations are annotated with@Deprecated(since = "TODO")
or@Deprecated(forRemoval = true, since = "TODO")
, if applicable.eval
to ease future introduction of Content Security Policy (CSP) directives (see documentation).For dependency updates, there are links to external changelogs and, if possible, full differentials.For new APIs and extension points, there is a link to at least one consumer.Desired reviewers
@jenkinsci/core-security-review
Maintainer checklist
Before the changes are marked as
ready-for-merge
:upgrade-guide-needed
label is set and there is a Proposed upgrade guidelines section in the pull request title (see example).lts-candidate
to be considered (see query).