So re surfacing this old topic now that we've merged and deployed the
updated plugin site with GitHub releases and jira issues
My next steps is start supporting GitHub issues for plugins that uses them.
But this topic never came to a conclusion.
If we are officially supporting GitHub issues,
Thank you, Oleg and the Security Team!
Dmitry
On Tuesday, June 9, 2020 at 8:00:25 AM UTC-7, Oleg Nenashev wrote:
>
> Dear all,
>
> As you may have noticed, the release artifact uploads are currently
> blocked in the Jenkins Artifactory instances (https://repo.jenkins-ci.org/).
> We are doing a
Dear all,
As you may have noticed, the release artifact uploads are currently blocked
in the Jenkins Artifactory instances (https://repo.jenkins-ci.org/). We are
doing a security investigation due to a partial user database loss on June
02. Today we blocked releases to the Jenkins artifactory,
Downloads are restored. Another workaround has been applied by Daniel in
https://github.com/jenkins-infra/repository-permissions-updater/pull/1569 ,
so no user downloads are no longer broken.
Thanks a lot to Daniel Beck for the quick fix!
Uploads are still blocked for everyone except a few
We are also experiencing issues with artifact downloads, likely a
collateral damage after the change
On Tuesday, June 9, 2020 at 11:15:03 AM UTC+2, Oleg Nenashev wrote:
>
> Hi all,
>
> An official update w.r.t this topic is coming soon. I confirm the
> assessment by Dmitry, it is a potential
Hi all,
An official update w.r.t this topic is coming soon. I confirm the
assessment by Dmitry, it is a potential security risk which was reported on
multiple occasions. SECURITY-1895 is a report for this incident, and it is
currently being investigated by the security team.
Just to provide
Hi all,
It brings me great joy in introducing the Jenkins community to one of the
ongoing Google Summer of Code (GSoC) projects: *External Fingerprint
Storage for Jenkins*.
File fingerprinting is a way to track which version of a file is being used
by a job/build, making dependency tracking
Hi all,
I've done the following:
* linux docker - was t3.small, now t3a.large (2 core 8gb)
* arm64 - was a1.medium, now t3a.large (2 core 8gb)
ref: https://aws.amazon.com/ec2/pricing/on-demand/ (region is US East)
Let's monitor and see how we go (pricing and performance wise)
High mem could