Thanks for the feedback and suggestions. On Monday, April 4, 2022 at 6:09:05 PM UTC+2 Mark Waite wrote:
> On Monday, April 4, 2022 at 9:32:56 AM UTC-6 Arun Suresh wrote: > >> JMeter performance plugin is listed with vulnerability: >> https://plugins.jenkins.io/performance/ >> So currently its not safe to use this plugin( >> https://www.jenkins.io/security/advisory/2021-11-12/#SECURITY-2394). >> >> Can you please help us to fix this issue. Currently I'm facing issue that >> I don't find any other alternative plugin also to use since this plugin >> currently have this vulnerability. >> Due to this vulnerability, currently security guidelines is not allowing >> us to use this plugin. Will be extremely helpful if you can support us >> here. >> >> The current maintainers were informed of the vulnerability before it was > published without a fix. They did not have the capacity to fix it. I > assume they still do not have the capacity to fix it. > > You are welcome to adopt the plugin and fix the issue. It would be a good > way for your employer to get the fix they need and a good way for them to > contribute to the Jenkins community. The "Contributing to Open Source" > <https://docs.google.com/document/d/1PKYIpPlRVGsBqrz0Ob1Cv3cefOZ5j2xtGZdWs27kLuw/edit?usp=sharing> > > workshop from DevOps World 2021 provides a series of steps that you could > take to prepare to adopt the performance plugin. There is a five part > video series <https://www.youtube.com/watch?v=Fev8KfFsPZE> linked in that > document that introduces the concepts and illustrates the tasks to consider > as you adopt a plugin. > > As another alternative, you could push the JMeter results to a different > location (a web server somewhere inside your company) and guide people to > read the results from that web server. > > Mark Waite > -- You received this message because you are subscribed to the Google Groups "Jenkins Users" group. To unsubscribe from this group and stop receiving emails from it, send an email to [email protected]. To view this discussion on the web visit https://groups.google.com/d/msgid/jenkinsci-users/aded6d82-4e16-4718-b7b9-5a8fcb29b499n%40googlegroups.com.
