- 28 9月, 2014 2 次提交
-
-
由 Kohsuke Kawaguchi 提交于
Bumping up dependencies to 1.3.1, with extra precaution to make DiskFileItem non-serializable
-
由 Kohsuke Kawaguchi 提交于
-
- 26 9月, 2014 1 次提交
-
-
由 Jesse Glick 提交于
(cherry picked from commit 261f4053)
-
- 25 9月, 2014 1 次提交
-
-
由 Jesse Glick 提交于
(cherry picked from commit facfc178)
-
- 23 9月, 2014 2 次提交
-
-
由 Jesse Glick 提交于
[JENKINS-21984] Disabling cert check on updateDirectlyWithJson since the certificate is now expired, and it is no good to have a test which is known to start failing at a particular time in the future! (cherry picked from commit 334ce1be)
-
由 Jesse Glick 提交于
The jenkins_main_trunk job has been retired, so for now just skip these tests when running on any Jenkins server. (cherry picked from commit b7d4c6a4) Conflicts: test/src/test/groovy/hudson/cli/BuildCommandTest.groovy
-
- 20 9月, 2014 10 次提交
-
-
由 Jesse Glick 提交于
For reasons TBD, sometimes CI tests fail with (1.565.x): java.lang.InterruptedException: null at java.lang.Object.wait(Native Method) at java.lang.Object.wait(Object.java:503) at org.jvnet.hudson.reactor.Reactor.execute(Reactor.java:267) at jenkins.InitReactorRunner.run(InitReactorRunner.java:44) at jenkins.model.Jenkins.executeReactor(Jenkins.java:915) at jenkins.model.Jenkins.<init>(Jenkins.java:814) at hudson.model.Hudson.<init>(Hudson.java:82) at org.jvnet.hudson.test.JenkinsRule.newHudson(JenkinsRule.java:539) at org.jvnet.hudson.test.JenkinsRule.before(JenkinsRule.java:331) at org.jvnet.hudson.test.JenkinsRule$2.evaluate(JenkinsRule.java:479) (cherry picked from commit 7bbf36b7)
-
由 Jesse Glick 提交于
Trying to make SocketTimeoutException’s (as originally noted in 3ec7e562) not turn into test errors. (Works only in JenkinsRule, not HudsonTestCase.) Still have no clue as to cause. (cherry picked from commit 6fd76ea2) Conflicts: test/src/main/java/org/jvnet/hudson/test/JenkinsRule.java
-
由 Jesse Glick 提交于
For example https://jenkins.ci.cloudbees.com/job/core/job/jenkins-core-validated-merge/38/testReport/lib.layout/LayoutTest/rejectedLinks/ failed with: java.io.IOException: GET http://localhost:52099/jenkins/login failed at java.net.SocketInputStream.socketRead0(Native Method) at java.net.SocketInputStream.read(SocketInputStream.java:152) at java.net.SocketInputStream.read(SocketInputStream.java:122) at java.io.BufferedInputStream.fill(BufferedInputStream.java:235) at java.io.BufferedInputStream.read(BufferedInputStream.java:254) at org.apache.commons.httpclient.HttpParser.readRawLine(HttpParser.java:78) at org.apache.commons.httpclient.HttpParser.readLine(HttpParser.java:106) at org.apache.commons.httpclient.HttpConnection.readLine(HttpConnection.java:1116) at org.apache.commons.httpclient.MultiThreadedHttpConnectionManager$HttpConnectionAdapter.readLine(MultiThreadedHttpConnectionManager.java:1413) at org.apache.commons.httpclient.HttpMethodBase.readStatusLine(HttpMethodBase.java:1973) at org.apache.commons.httpclient.HttpMethodBase.readResponse(HttpMethodBase.java:1735) at org.apache.commons.httpclient.HttpMethodBase.execute(HttpMethodBase.java:1098) at org.apache.commons.httpclient.HttpMethodDirector.executeWithRetry(HttpMethodDirector.java:398) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(HttpMethodDirector.java:171) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:346) at com.gargoylesoftware.htmlunit.HttpWebConnection.getResponse(HttpWebConnection.java:101) at com.gargoylesoftware.htmlunit.WebClient.loadWebResponseFromWebConnection(WebClient.java:1456) at com.gargoylesoftware.htmlunit.WebClient.loadWebResponse(WebClient.java:1387) at com.gargoylesoftware.htmlunit.WebClient.getPage(WebClient.java:328) at com.gargoylesoftware.htmlunit.WebClient.getPage(WebClient.java:389) at com.gargoylesoftware.htmlunit.WebClient.getPage(WebClient.java:374) at org.jvnet.hudson.test.JenkinsRule$WebClient.goTo(JenkinsRule.java:1944) at org.jvnet.hudson.test.JenkinsRule$WebClient.goTo(JenkinsRule.java:1926) at lib.layout.LayoutTest.rejectedLinks(LayoutTest.java:44) which makes little sense since the named IOException is actually thrown from HttpWebConnection.java:130. Perhaps Surefire is not reporting the original cause correctly, conflating the wrapper’s message with the original stack trace. As a temporary measure, printing the original stack trace to stderr if there is any. (cherry picked from commit 3ec7e562) Conflicts: test/src/main/java/org/jvnet/hudson/test/JenkinsRule.java
-
由 Jesse Glick 提交于
[JENKINS-10615] AbstractProjectTest.testWorkspaceLock frequently fails on jenkins.ci due to InterruptedException in HudsonTestCase.setUp. Possibly because it is sorted after [JENKINS-15156] testGetBuildAfterGC and the test suite times out. (cherry picked from commit 85e9e126)
-
由 Jesse Glick 提交于
[JENKINS-19192] Using JNR 3.0.1 which includes JNR-FFI 1.0.7; 1.0.6 has the backported fix for Guava #1505, the root cause. So this upgrade ought to prevent a recurrence of the issue in case some other code refers to JNR from the CLI. (As yet untested, and we do not especially want to send JNR over the CLI channel anyway for performance reasons.)
-
由 Kohsuke Kawaguchi 提交于
(cherry picked from commit 5e7b844b) Conflicts: changelog.html
-
由 Jesse Glick 提交于
Stapler 1.218.1 was apparently never even deployed to the Maven repo, so let us just skip straight to 1.229 which has the fix and which we are using in the merged release branches anyway.
-
由 Jesse Glick 提交于
(cherry picked from commit 71600d8b)
-
由 Jesse Glick 提交于
(cherry picked from commit 9b53643c) Conflicts: pom.xml
-
由 Kohsuke Kawaguchi 提交于
See https://github.com/jenkinsci/maven-plugin (cherry picked from commit f98070d3) Conflicts: maven-plugin/pom.xml maven-plugin/src/main/java/hudson/maven/AbstractMavenProcessFactory.java maven-plugin/src/main/java/hudson/maven/MavenModuleSetBuild.java maven-plugin/src/main/java/hudson/maven/MavenProcessFactory.java maven-plugin/src/main/resources/hudson/maven/MavenModuleSet/configure-entries.jelly plugins/pom.xml pom.xml
-
- 03 9月, 2014 5 次提交
-
-
由 Kohsuke Kawaguchi 提交于
Added "X-Content-Type-Options: nosniff" for serving user-generated contents to improve security a little bit
-
由 Kohsuke Kawaguchi 提交于
Plugins that depend on LTS shouldn't be using this API.
-
由 Kohsuke Kawaguchi 提交于
CONFIGURE permission shouldn't allow the type of the job to be changed. That's more of CREATE+DELETE. In any case, the code doesn't correctly handling submitting config.xml for a different type.
-
由 Kohsuke Kawaguchi 提交于
After talking to Jesse, he's OK with me bringing it back to public so long as we don't allow other programmatic dependencies to it. The intention of leaving them mutable is to allow admins to play with this in the groovy script during the initialization and at runtime. Groovy currently ignores the private access modifier anyway, but that is considered as a bug in the upstream (https://jira.codehaus.org/browse/GROOVY-3010)
-
由 Kohsuke Kawaguchi 提交于
It may be that the 'newName' exists and just not visible to the user trying to do a rename
-
- 01 9月, 2014 1 次提交
-
-
由 Jesse Glick 提交于
[SECURITY-120] Do not print a warning with stack trace just because we are using a 2.x servlet container.
-
- 31 8月, 2014 1 次提交
-
-
由 Jesse Glick 提交于
-
- 30 8月, 2014 6 次提交
-
-
由 Kohsuke Kawaguchi 提交于
If Jenkins URL is set to https, force the secure flag. Also force the cookie to be HTTP only, which mitigates the damage that XSS can cause. See https://www.owasp.org/index.php/SecureFlag
-
由 Kohsuke Kawaguchi 提交于
Don't let UsernameNotFoundException vs BadCredentialsException difference to be seen by the caller, for that tells whether the user exists or not. But to assist trouble-shooting, do report that error to the server. UUID helps the user finds the information in the log file
-
由 Kohsuke Kawaguchi 提交于
Don't wait for a connection forever, which can cause the thread to hang forever if the upload link never arrives
-
由 Kohsuke Kawaguchi 提交于
ZeroClipboard 1.3.5 is rather incompatible with 1.1.7, and various API changes were needed. - setText() call doesn't work until the DOM is populated, which is at some unknown time AFAICT. installing it via the datarequested event avoids this problem. - constructor now demands the element to attach to, and it's unclear if relative positioning is working or not. - "display: inline-block" is needed for ZeroClipboard to correctly compute the height of the element
-
由 Kohsuke Kawaguchi 提交于
Protect default password value from users who are triggering builds.
-
由 Kohsuke Kawaguchi 提交于
Coerce the parameter value to one of a legal value
-
- 23 8月, 2014 2 次提交
-
-
由 Jesse Glick 提交于
[FIXED SECURITY-155] Do not allow plugin code to be downloaded via doDynamic, only static resources.
-
由 Jesse Glick 提交于
In this case we are probably interested in looking at the output as it arrives in real time. Can always be overridden on the command line if desired. (cherry picked from commit 44a8ec11)
-
- 21 8月, 2014 3 次提交
-
-
由 Jesse Glick 提交于
[FIXED SECURITY-131] Recode restOfPath before constructing URLs from it, so it cannot be used for directory traversal.
-
由 Jesse Glick 提交于
Seems to work in 8.0 at least for some functional tests. Developers can always disable it privately if they run into issues. (cherry picked from commit 7b420175) Conflicts: pom.xml
-
由 Jesse Glick 提交于
-
- 31 7月, 2014 1 次提交
-
-
由 Jesse Glick 提交于
Updating branch base to 1.532.
-
- 12 2月, 2014 5 次提交
-
-
由 Jesse Glick 提交于
-
由 Jesse Glick 提交于
-
由 Jesse Glick 提交于
[FIXED SECURITY-109] SECURITY-55 fix to BuildTrigger configuration failed if downstream project was not visible.
-
由 Vojtech Juranek 提交于
-
由 Jesse Glick 提交于
[FIXED SECURITY-107] When security-related fields in Jenkins cannot be unmarshaled, it is best to halt startup.
-