Hi, I just realised that most of requests to host a new plugin on jenkins-ci are plugins which in some way or an other require a password or secret. Unfortunate most of these plugins add there own fields and persist this information in there own configuration instead of integrating with the credentials plugin [1]. I strongly believe that nowadays these passwords should not be handled by each single plugin it self anymore. Therefore I propose to ask(/force) every new plugin which requires a secret to integrate with the credentials plugin. When I say enforce, then I mean the people who fork the plugins should not do so before this requirement is met.
btw. we should have a checklist which talks about a minimal set of rules a new plugin should follow before we allow it to be forked. Other things I would like to see there are: - clear documentation - the <url>-tag in the pom.xml points to an existing page WDYT? /Domi [1] https://wiki.jenkins-ci.org/display/JENKINS/Credentials+Plugin -- You received this message because you are subscribed to the Google Groups "Jenkins Developers" group. To unsubscribe from this group and stop receiving emails from it, send an email to [email protected]. To view this discussion on the web visit https://groups.google.com/d/msgid/jenkinsci-dev/FCDED5AE-E3C2-49E7-976E-5FC84D31A164%40fortysix.ch. For more options, visit https://groups.google.com/d/optout.
