Thanks for the feedback and suggestions. On Monday, April 4, 2022 at 6:09:05 PM UTC+2 Mark Waite wrote:
> On Monday, April 4, 2022 at 9:32:56 AM UTC-6 Arun Suresh wrote: > >> JMeter performance plugin is listed with vulnerability: >> https://plugins.jenkins.io/performance/ >> So currently its not safe to use this plugin( >> https://www.jenkins.io/security/advisory/2021-11-12/#SECURITY-2394). >> >> Can you please help us to fix this issue. Currently I'm facing issue that >> I don't find any other alternative plugin also to use since this plugin >> currently have this vulnerability. >> Due to this vulnerability, currently security guidelines is not allowing >> us to use this plugin. Will be extremely helpful if you can support us >> here. >> >> The current maintainers were informed of the vulnerability before it was > published without a fix. They did not have the capacity to fix it. I > assume they still do not have the capacity to fix it. > > You are welcome to adopt the plugin and fix the issue. It would be a good > way for your employer to get the fix they need and a good way for them to > contribute to the Jenkins community. The "Contributing to Open Source" > <https://docs.google.com/document/d/1PKYIpPlRVGsBqrz0Ob1Cv3cefOZ5j2xtGZdWs27kLuw/edit?usp=sharing> > > workshop from DevOps World 2021 provides a series of steps that you could > take to prepare to adopt the performance plugin. There is a five part > video series <https://www.youtube.com/watch?v=Fev8KfFsPZE> linked in that > document that introduces the concepts and illustrates the tasks to consider > as you adopt a plugin. > > As another alternative, you could push the JMeter results to a different > location (a web server somewhere inside your company) and guide people to > read the results from that web server. > > Mark Waite > -- You received this message because you are subscribed to the Google Groups "Jenkins Users" group. To unsubscribe from this group and stop receiving emails from it, send an email to jenkinsci-users+unsubscr...@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/jenkinsci-users/aded6d82-4e16-4718-b7b9-5a8fcb29b499n%40googlegroups.com.
