- 06 2月, 2015 8 次提交
-
-
由 Jesse Glick 提交于
Conflicts: test/src/test/java/hudson/tasks/BuildTriggerTest.java
-
由 Jesse Glick 提交于
@RandomlyFails
-
由 Jesse Glick 提交于
-
由 Ryan Campbell 提交于
[SECURITY-166] Make UI tests work across Jenkins versions
-
由 Jesse Glick 提交于
Conflicts: core/src/main/java/hudson/ClassicPluginStrategy.java core/src/main/java/hudson/cli/AddJobToViewCommand.java core/src/main/java/hudson/model/Run.java core/src/main/java/hudson/node_monitors/MonitorOfflineCause.java core/src/main/java/hudson/tasks/junit/JUnitResultArchiver.java core/src/main/java/jenkins/model/IdStrategyDescriptor.java core/src/main/resources/hudson/model/AbstractProject/configure-common_ru.properties core/src/main/resources/hudson/model/AbstractProject/configure-common_tr.properties core/src/main/resources/hudson/model/FileParameterValue/value_pt_BR.properties core/src/main/resources/hudson/model/Job/index.jelly core/src/main/resources/hudson/model/TextParameterDefinition/config_pt_BR.properties core/src/main/resources/hudson/node_monitors/Messages_cs.properties core/src/main/resources/hudson/node_monitors/Messages_sv_SE.properties core/src/main/resources/hudson/security/SecurityRealm/signup.jelly core/src/main/resources/hudson/slaves/CommandConnector/config_pt_BR.properties core/src/main/resources/hudson/views/BuildButtonColumn/column.properties core/src/main/resources/jenkins/diagnosis/HsErrPidList/index_pt_BR.properties core/src/main/resources/jenkins/model/IdStrategy/config.jelly core/src/main/resources/jenkins/model/Jenkins/MasterComputer/_api.jelly core/src/main/resources/jenkins/model/Jenkins/load-statistics_pt_BR.properties core/src/main/resources/jenkins/security/s2m/AdminCallableMonitor/message.jelly core/src/main/resources/jenkins/security/s2m/AdminWhitelistRule/index_pt_BR.properties core/src/main/resources/jenkins/slaves/systemInfo/EnvVarsSlaveInfo/systemInfo.jelly core/src/main/resources/jenkins/slaves/systemInfo/Messages.properties core/src/main/resources/jenkins/slaves/systemInfo/Messages_da.properties core/src/main/resources/jenkins/slaves/systemInfo/Messages_de.properties core/src/main/resources/jenkins/slaves/systemInfo/Messages_fr.properties core/src/main/resources/jenkins/slaves/systemInfo/Messages_ja.properties core/src/main/resources/jenkins/slaves/systemInfo/Messages_nl.properties core/src/main/resources/jenkins/slaves/systemInfo/Messages_pt_BR.properties core/src/main/resources/jenkins/slaves/systemInfo/Messages_zh_TW.properties core/src/main/resources/jenkins/triggers/Messages_fr.properties core/src/main/resources/lib/form/class-entry.jelly core/src/main/resources/lib/form/helpLink_pt_BR.properties core/src/main/resources/lib/form/link.jelly core/src/main/resources/lib/hudson/project/configurable.properties core/src/main/resources/lib/hudson/project/configurable_bg.properties core/src/main/resources/lib/hudson/project/configurable_es_AR.properties core/src/main/resources/lib/hudson/project/configurable_eu.properties core/src/main/resources/lib/hudson/project/configurable_gl.properties core/src/main/resources/lib/hudson/project/configurable_hi_IN.properties core/src/main/resources/lib/hudson/project/configurable_nl.properties core/src/main/resources/lib/hudson/project/configurable_tr.properties core/src/main/resources/lib/hudson/project/console-link.jelly core/src/main/resources/lib/hudson/project/console-link_pt_BR.properties core/src/main/resources/lib/layout/pane_de.properties core/src/main/resources/lib/layout/pane_pt.properties core/src/main/resources/lib/layout/pane_pt_BR.properties core/src/main/resources/lib/layout/task_pt.properties core/src/test/java/hudson/util/XStream2Test.java pom.xml test/pom.xml test/src/test/java/hudson/model/AbstractItemSecurityTest.java test/src/test/resources/lib/layout/IconTest/03_testTask.jelly war/src/main/webapp/scripts/msie.js
-
由 Jesse Glick 提交于
[SECURITY-125] Matrix project script security
-
由 Ryan Campbell 提交于
-
由 James Nord 提交于
[SECURITY-167] Followup tweaks to address review comments.
-
- 05 2月, 2015 28 次提交
-
-
由 Jesse Glick 提交于
-
由 Jesse Glick 提交于
-
由 James Nord 提交于
-
由 Ryan Campbell 提交于
Fixes for SECURITY-166
-
由 James Nord 提交于
Addresses some comments received after the original fix was merged.
-
由 Jesse Glick 提交于
-
由 Jesse Glick 提交于
-
由 Jesse Glick 提交于
Conflicts: core/src/main/java/hudson/model/AbstractItem.java core/src/main/resources/hudson/model/Messages.properties
-
由 Jesse Glick 提交于
-
由 James Nord 提交于
SECURITY-167 defend against XXE attacks in core https://issues.jenkins-ci.org/browse/SECURITY-167
-
由 Jesse Glick 提交于
Reproducible for example via HelpLinkTest.testMatrixConfig. Otherwise have: matrix-project → script-security → matrix-auth → windows-slaves → antisamy-markup-formatter → matrix-project Tried to come up with a generic way of doing this automatically, but failed. Just because we bundle a particular build of some plugin does not mean it was built against anything recent, and for use on older cores it may well need some of those implicit dependencies.
-
由 Jesse Glick 提交于
Otherwise FingerprinterTest.matrixDependency throws an AbstractMethodError.
-
由 Jesse Glick 提交于
-
由 Jesse Glick 提交于
(cherry picked from commit 0bd831e2)
-
由 Jesse Glick 提交于
(cherry picked from commit 747d550c)
-
由 Jesse Glick 提交于
(cherry picked from commit 9259f873)
-
由 Jesse Glick 提交于
(cherry picked from commit 071951e6)
-
由 Jesse Glick 提交于
(cherry picked from commit b628b472)
-
由 Jesse Glick 提交于
(cherry picked from commit 04aace98)
-
由 Jesse Glick 提交于
(cherry picked from commit e4ba41d5)
-
由 Jesse Glick 提交于
(cherry picked from commit 5d9e4d7b)
-
由 Jesse Glick 提交于
(cherry picked from commit b9d8f554)
-
由 Jesse Glick 提交于
(cherry picked from commit 42195d83)
-
由 Jesse Glick 提交于
(cherry picked from commit dbed3044) Conflicts: core/src/main/java/hudson/model/Run.java
-
由 Jesse Glick 提交于
(cherry picked from commit d72fda46)
-
由 Jesse Glick 提交于
(cherry picked from commit e405078e)
-
由 Jesse Glick 提交于
(cherry picked from commit 4aad749c) Conflicts: core/src/main/java/hudson/matrix/MatrixBuild.java core/src/main/java/hudson/matrix/MatrixConfiguration.java core/src/main/java/hudson/matrix/MatrixProject.java core/src/main/resources/hudson/matrix/MatrixProject/configure-entries.jelly
-
由 Ryan Campbell 提交于
-
- 04 2月, 2015 4 次提交
-
-
由 Ryan Campbell 提交于
-
由 Ryan Campbell 提交于
These users can still be instantiated, as would happen if there is no security and an anonymous user triggers a build -- the anonymous user would correctly be created and added to the User list. This fix merely prevents the saving of that user, and therefore prevents them from logging in. There may be some plugins which trigger a build as the SYSTEM user, and that is not prohibited here. Also prevent full names of 'anonymous', 'system' or 'uknown'. As discussed on SECURITY-166 this may encumber auditing since full names are used in most places in the UI
-
由 James Nord 提交于
add stack trace so the offending plugin/code can be identified
-
由 James Nord 提交于
-