Branch: refs/heads/master
Home: https://github.com/jenkinsci/scriptler-plugin
Commit: 4568ac40235edac5d0a26d817f8252a7a7757472
https://github.com/jenkinsci/scriptler-plugin/commit/4568ac40235edac5d0a26d817f8252a7a7757472
Author: Wadeck Follonier <wadeck.follon...@gmail.com>
Date: 2018-01-05 (Fri, 05 Jan 2018)
Changed paths:
M
src/main/java/org/jenkinsci/plugins/scriptler/builder/ScriptlerBuilder.java
M src/main/java/org/jenkinsci/plugins/scriptler/config/Parameter.java
A
src/test/java/org/jenkinsci/plugins/scriptler/builder/ScriptlerBuilderTest.java
A
src/test/java/org/jenkinsci/plugins/scriptler/builder/ScriptlerBuilderWithRestartTest.java
M
src/test/java/org/jenkinsci/plugins/scriptler/restapi/ScriptlerRestApiTest.java
M src/test/resources/JENKINS-13518.json
M src/test/resources/simple1.json
M src/test/resources/simple2.json
Log Message:
-----------
[SECURITY-365][SECURITY-366][SECURITY-678] Validate data submission
[SECURITY-365] Low privilege users cannot add script step anymore using POST
config.xml
- the XML deserialization now uses the same validation as for the
doConfigSubmit from Web UI
- support for core before 1.625 by throwing an Error during XML unmarshalling
- support for core after 1.625 by using the "new" CriticalXStreamException
[SECURITY-366] Scripts cannot be added anymore by scriptId (name)
- the scriptId is used to check if the current script is usable inside a step
- an additional test was already put in place to ensure during the run phase,
the script are tested
- this correction is just there to prevent the submission of the incorrect data
[SECURITY-678] Script steps cannot be duplicate anymore from another project
- previously we trusted the user to provide the project in order to validate
the builderId
- now we use the request last ancestor to collect the project information
- the check concerns only the low-privilege users that try to modify an
existing step
- also add support builderId that are empty, to be consistent with XML
submission
- remove totally the "backupJobName" field that was used for such goal
previously
[misc]
- correct the static / non-static of rules in ScriptlerRestApiTest that make
the tests non-runnable
- add generated equals/hashcode methods for ScriptlerBuilder and Parameter to
check if modifications were applied
Commit: 31f23de24783d3ad458b5ba0210c4d0765e646d0
https://github.com/jenkinsci/scriptler-plugin/commit/31f23de24783d3ad458b5ba0210c4d0765e646d0
Author: Wadeck Follonier <wadeck.follon...@gmail.com>
Date: 2018-01-05 (Fri, 05 Jan 2018)
Changed paths:
M src/main/java/org/jenkinsci/plugins/scriptler/config/Parameter.java
Log Message:
-----------
- reput whitespaces
Commit: e94b85d027e9be56f1ecce9c49545c34c2543431
https://github.com/jenkinsci/scriptler-plugin/commit/e94b85d027e9be56f1ecce9c49545c34c2543431
Author: Wadeck Follonier <wadeck.follon...@gmail.com>
Date: 2018-03-06 (Tue, 06 Mar 2018)
Changed paths:
A src/test/java/org/jenkinsci/plugins/scriptler/util/UIHelperTest.java
Log Message:
-----------
readd the missing test
Commit: 0db5380fe2aea39657f96e27a5ccca79e706e716
https://github.com/jenkinsci/scriptler-plugin/commit/0db5380fe2aea39657f96e27a5ccca79e706e716
Author: imod <d...@fortysix.ch>
Date: 2018-03-06 (Tue, 06 Mar 2018)
Changed paths:
M
src/main/java/org/jenkinsci/plugins/scriptler/builder/ScriptlerBuilder.java
M src/main/java/org/jenkinsci/plugins/scriptler/config/Parameter.java
A
src/test/java/org/jenkinsci/plugins/scriptler/builder/ScriptlerBuilderTest.java
A
src/test/java/org/jenkinsci/plugins/scriptler/builder/ScriptlerBuilderWithRestartTest.java
M
src/test/java/org/jenkinsci/plugins/scriptler/restapi/ScriptlerRestApiTest.java
A src/test/java/org/jenkinsci/plugins/scriptler/util/UIHelperTest.java
M src/test/resources/JENKINS-13518.json
M src/test/resources/simple1.json
M src/test/resources/simple2.json
Log Message:
-----------
Merge branch 'master-cert'
# Conflicts:
#
src/main/java/org/jenkinsci/plugins/scriptler/builder/ScriptlerBuilder.java
Compare:
https://github.com/jenkinsci/scriptler-plugin/compare/9030f585d4d1...0db5380fe2ae
--
You received this message because you are subscribed to the Google Groups
"Jenkins Commits" group.
To unsubscribe from this group and stop receiving emails from it, send an email
to jenkinsci-commits+unsubscr...@googlegroups.com.
For more options, visit https://groups.google.com/d/optout.
