Hi Daniel, On Mon, 26 Apr 2021, at 14:35, Daniel Beck wrote: > Thanks for letting us know! > > The documentation for this specifically is at > https://www.jenkins.io/security/plugins/#followup
Oh right, I completely missed it, thanks for pointing this out! > I filed https://github.com/jenkins-infra/update-center2/pull/515 updating the > warning and will merge it once I confirm the issue was fully resolved. This > will remove the banner from plugins.jenkins.io and the warning shown to > admins inside Jenkins. Perfect, thanks a lot! Best, Jonathan > > On Mon, Apr 26, 2021 at 1:41 PM [email protected] <[email protected]> wrote: >> >> Hi, >> >> I became recently maintainer for the Nomad plugin >> <https://plugins.jenkins.io/nomad/>, and it currently shows a banner saying >> "The current version of this plugin contains a vulnerability", although it >> has been fixed (AFAIK) a 2 years ago >> <https://github.com/jenkinsci/nomad-plugin/commit/3331d24896b815c375e528207c5572e18631c49d>, >> and released in version v0.5.1 (latest version is v0.7.4). >> >> I'm also new to being a plugin maintainer, and after reading the security >> documentation for maintainers >> <https://www.jenkins.io/security/for-maintainers/>, I'm still not sure: >> >> * How is this banner generated? >> * How to acknowledge the fix and remove the banner from both the plugin page >> and from Jenkins itself? >> * Or, if there's an automated process that still finds the error, how to see >> that and fix the problem? >> >> Thanks for the pointers, >> >> Jonathan -- You received this message because you are subscribed to the Google Groups "Jenkins Developers" group. To unsubscribe from this group and stop receiving emails from it, send an email to [email protected]. To view this discussion on the web visit https://groups.google.com/d/msgid/jenkinsci-dev/d1cbcbbd-1c92-4ea5-a3cd-aa81e5f8da01%40www.fastmail.com.
