Branch: refs/heads/miguel/fix-security-alerts/missing-post-annotation
Home: https://github.com/jenkinsci/plasticscm-plugin
Commit: 42ac6daa81316dc3487f43a2479d318bcd2febf5
https://github.com/jenkinsci/plasticscm-plugin/commit/42ac6daa81316dc3487f43a2479d318bcd2febf5
Author: Miguel González <[email protected]>
Date: 2024-08-23 (Fri, 23 Aug 2024)
Changed paths:
M src/main/java/com/codicesoftware/plugins/hudson/PlasticSCM.java
M src/main/java/com/codicesoftware/plugins/hudson/PlasticSCMStep.java
M src/main/java/com/codicesoftware/plugins/jenkins/mergebot/MergebotScm.java
M
src/main/java/com/codicesoftware/plugins/jenkins/mergebot/MergebotScmStep.java
M src/main/java/com/codicesoftware/plugins/jenkins/tools/CmTool.java
Log Message:
-----------
Replace old @RequirePOST with @POST
According to
https://www.jenkins.io/doc/developer/security/form-validation/#protecting-from-csrf,
the @RequirePOST is an older annotation for preventing CSRF which
presents a form for the user to resubmit the request using POST.
However, in this case we can safely use the newer @POST annotation,
which limits processing to the POST verb. Other verbs will return a 404
response. It's the recommended action for validation methods.
Signed-off-by: Miguel González <[email protected]>
Commit: b358e6cc684fcc5047e409802c717e4b3e8e2fec
https://github.com/jenkinsci/plasticscm-plugin/commit/b358e6cc684fcc5047e409802c717e4b3e8e2fec
Author: Miguel González <[email protected]>
Date: 2024-08-23 (Fri, 23 Aug 2024)
Changed paths:
M src/main/java/com/codicesoftware/plugins/hudson/PlasticSCM.java
M src/main/java/com/codicesoftware/plugins/hudson/PlasticSCMStep.java
M src/main/java/com/codicesoftware/plugins/jenkins/mergebot/MergebotScm.java
M
src/main/java/com/codicesoftware/plugins/jenkins/mergebot/MergebotScmStep.java
Log Message:
-----------
Add @POST in missing methods
Signed-off-by: Miguel González <[email protected]>
Commit: 61d4532bfeca9955ff8e4ddb0023ad7f0254697b
https://github.com/jenkinsci/plasticscm-plugin/commit/61d4532bfeca9955ff8e4ddb0023ad7f0254697b
Author: Miguel González <[email protected]>
Date: 2024-08-23 (Fri, 23 Aug 2024)
Changed paths:
M src/main/java/com/codicesoftware/plugins/hudson/ChangeSetWriter.java
M src/main/java/com/codicesoftware/plugins/hudson/PlasticSCM.java
M src/main/java/com/codicesoftware/plugins/hudson/WorkspaceManager.java
M src/main/java/com/codicesoftware/plugins/hudson/commands/DiffCommand.java
M
src/main/java/com/codicesoftware/plugins/hudson/commands/GetSelectorSpecCommand.java
M src/main/java/com/codicesoftware/plugins/hudson/model/ChangeSet.java
M src/main/java/com/codicesoftware/plugins/hudson/model/ChangeSetList.java
M src/main/java/com/codicesoftware/plugins/hudson/model/Workspace.java
M
src/main/java/com/codicesoftware/plugins/hudson/util/BuildVariableResolver.java
M src/main/java/com/codicesoftware/plugins/hudson/util/FormChecker.java
M src/main/java/com/codicesoftware/plugins/hudson/util/FormFiller.java
M
src/main/java/com/codicesoftware/plugins/hudson/util/MaskedArgumentListBuilder.java
M src/main/java/com/codicesoftware/plugins/jenkins/BuildNode.java
M src/main/java/com/codicesoftware/plugins/jenkins/CredentialsFinder.java
M src/main/java/com/codicesoftware/plugins/jenkins/PlasticSCMFile.java
M src/main/java/com/codicesoftware/plugins/jenkins/PlasticSCMFileSystem.java
M src/main/java/com/codicesoftware/plugins/jenkins/mergebot/MergebotScm.java
M
src/main/java/com/codicesoftware/plugins/jenkins/mergebot/MergebotScmFile.java
M
src/main/java/com/codicesoftware/plugins/jenkins/mergebot/MergebotScmFileSystem.java
M src/main/java/com/codicesoftware/plugins/jenkins/tools/CmTool.java
M
src/main/java/com/codicesoftware/plugins/jenkins/tools/CmToolInstaller.java
M src/test/java/com/codicesoftware/plugins/hudson/PlasticSCMTest.java
M
src/test/java/com/codicesoftware/plugins/hudson/model/ChangeSetListTest.java
M
src/test/java/com/codicesoftware/plugins/hudson/util/SelectorParametersResolverTest.java
Log Message:
-----------
Replace deprecated code
Signed-off-by: Miguel González <[email protected]>
Commit: 8708d039145ca4062280203467ae4e7288f11240
https://github.com/jenkinsci/plasticscm-plugin/commit/8708d039145ca4062280203467ae4e7288f11240
Author: Miguel González <[email protected]>
Date: 2024-08-23 (Fri, 23 Aug 2024)
Changed paths:
M src/main/java/com/codicesoftware/plugins/hudson/model/ChangeSet.java
Log Message:
-----------
Fix bug in assignment
Signed-off-by: Miguel González <[email protected]>
Commit: a2649b492d39d47631f7d05eb8f6c45cd6332daf
https://github.com/jenkinsci/plasticscm-plugin/commit/a2649b492d39d47631f7d05eb8f6c45cd6332daf
Author: Miguel González <[email protected]>
Date: 2024-08-23 (Fri, 23 Aug 2024)
Changed paths:
M
src/main/java/com/codicesoftware/plugins/hudson/ClientConfigurationArguments.java
M src/main/java/com/codicesoftware/plugins/jenkins/tools/CmTool.java
Log Message:
-----------
Check for null
Signed-off-by: Miguel González <[email protected]>
Commit: e2c2b8a61f5504200a2a373d74dd8902add06861
https://github.com/jenkinsci/plasticscm-plugin/commit/e2c2b8a61f5504200a2a373d74dd8902add06861
Author: Miguel González <[email protected]>
Date: 2024-08-23 (Fri, 23 Aug 2024)
Changed paths:
M src/main/java/com/codicesoftware/plugins/hudson/PlasticSCM.java
M src/main/java/com/codicesoftware/plugins/hudson/PlasticSCMStep.java
M src/main/java/com/codicesoftware/plugins/jenkins/mergebot/MergebotScm.java
M
src/main/java/com/codicesoftware/plugins/jenkins/mergebot/MergebotScmStep.java
M
src/main/java/com/codicesoftware/plugins/jenkins/tools/CmToolInstaller.java
Log Message:
-----------
Suppress unused warnings
Signed-off-by: Miguel González <[email protected]>
Commit: 922a5285400d41cca94d9c45939b73c55067a28b
https://github.com/jenkinsci/plasticscm-plugin/commit/922a5285400d41cca94d9c45939b73c55067a28b
Author: Miguel González <[email protected]>
Date: 2024-08-23 (Fri, 23 Aug 2024)
Changed paths:
M src/main/java/com/codicesoftware/plugins/hudson/PlasticSCM.java
Log Message:
-----------
Remove unused code
Signed-off-by: Miguel González <[email protected]>
Commit: affec0b70780cb2a16204f9eebebcd038bc60c76
https://github.com/jenkinsci/plasticscm-plugin/commit/affec0b70780cb2a16204f9eebebcd038bc60c76
Author: Miguel González <[email protected]>
Date: 2024-08-23 (Fri, 23 Aug 2024)
Changed paths:
M src/main/java/com/codicesoftware/plugins/hudson/PlasticSCM.java
M src/main/java/com/codicesoftware/plugins/hudson/PlasticSCMStep.java
M src/main/java/com/codicesoftware/plugins/hudson/model/CleanupMethod.java
Log Message:
-----------
Remove deprecated variable
Signed-off-by: Miguel González <[email protected]>
Commit: 52dd582070338585eace44392129886259e66881
https://github.com/jenkinsci/plasticscm-plugin/commit/52dd582070338585eace44392129886259e66881
Author: Miguel González <[email protected]>
Date: 2024-08-23 (Fri, 23 Aug 2024)
Changed paths:
M src/main/java/com/codicesoftware/plugins/jenkins/tools/CmTool.java
Log Message:
-----------
Avoid catching `NullPointerException`
Signed-off-by: Miguel González <[email protected]>
Commit: 8a871113be5c3dea825178a8595defa0e0ebe2b1
https://github.com/jenkinsci/plasticscm-plugin/commit/8a871113be5c3dea825178a8595defa0e0ebe2b1
Author: Miguel González <[email protected]>
Date: 2024-08-23 (Fri, 23 Aug 2024)
Changed paths:
M src/main/java/com/codicesoftware/plugins/jenkins/tools/CmTool.java
Log Message:
-----------
Remove redundant condition
Signed-off-by: Miguel González <[email protected]>
Compare:
https://github.com/jenkinsci/plasticscm-plugin/compare/42ac6daa8131%5E...8a871113be5c
To unsubscribe from these emails, change your notification settings at
https://github.com/jenkinsci/plasticscm-plugin/settings/notifications
--
You received this message because you are subscribed to the Google Groups
"Jenkins Commits" group.
To unsubscribe from this group and stop receiving emails from it, send an email
to [email protected].
To view this discussion on the web visit
https://groups.google.com/d/msgid/jenkinsci-commits/jenkinsci/plasticscm-plugin/push/refs/heads/miguel/fix-security-alerts/missing-post-annotation/000000-8a8711%40github.com.
