Skip to content
New issue

Have a question about this project? # for a free GitHub account to open an issue and contact its maintainers and the community.

#

By clicking “#”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? # to your account

Jump to bottom

[JENKINS-73943] Remove legacy checkUrl usage in AggregatedTestResutPublisher/config.jelly #657

Merged
merged 1 commit into from
Oct 16, 2024
Merged

[JENKINS-73943] Remove legacy checkUrl usage in AggregatedTestResutPublisher/config.jelly #657

merged 1 commit into from
Oct 16, 2024

Conversation

yaroslavafenkin
Copy link
Contributor

https://issues.jenkins.io/browse/JENKINS-73943

I've renamed the check method and dropped checkUrl attribute completely to let https://github.com/jenkinsci/jenkins/blob/dc4ad7e1a872e6dd9504f6c1ff1f95d84ca6046b/core/src/main/java/hudson/util/FormValidation.java#L625-L727 do its magic and wire things up for us.
While doCheck sounded generic to me I found no places in code referencing it, so I assume it's safe to rename.

Testing done

https://www.loom.com/share/27c91cc2a4d9480c867ed7cca651bd77?sid=ad8da66b-e52e-4e6e-bfc1-3b9525fb384d

https://www.loom.com/share/aaca1ff0b6274d44a102257baacc9fd9?sid=c8d997ed-11d7-4165-825c-ce5d2defcee7

Submitter checklist

  • Make sure you are opening from a topic/feature/bugfix branch (right side) and not your main branch!
  • Ensure that the pull request title represents the desired changelog entry
  • Please describe what you did
  • Link to relevant issues in GitHub or Jira
  • Link to relevant pull requests, esp. upstream and downstream changes
  • Ensure you have provided tests - that demonstrates feature works or fixes the issue

@yaroslavafenkin yaroslavafenkin requested a review from a team as a code owner October 16, 2024 13:39
@yaroslavafenkin
Copy link
Contributor Author

Infrastructure issue in the Jenkins security scan run:

Run wget --no-verbose https://downloads.apache.org/maven/maven-3/$MAVEN_VERSION/binaries/apache-maven-$MAVEN_VERSION-bin.tar.gz
failed: Connection timed out.
failed: Connection timed out.
failed: Network is unreachable.
failed: Network is unreachable.

github-advanced-security[bot]
github-advanced-security bot found potential problems Oct 16, 2024
View reviewed changes
src/main/java/hudson/tasks/test/AggregatedTestResultPublisher.java
@@ -370,7 +370,7 @@
return Messages.AggregatedTestResultPublisher_DisplayName();
}

public FormValidation doCheck(@AncestorInPath AbstractProject project, @QueryParameter String value) {
public FormValidation doCheckJobs(@AncestorInPath AbstractProject project, @QueryParameter String value) {

Check warning

Code scanning / Jenkins Security Scan

Stapler: Missing POST/RequirePOST annotation Warning test

Potential CSRF vulnerability: If DescriptorImpl#doCheckJobs connects to user-specified URLs, modifies state, or is expensive to run, it should be annotated with @POST or @RequirePOST
@basil basil added the internal label Oct 16, 2024
basil
basil approved these changes Oct 16, 2024
View reviewed changes
Copy link
Member

@basil basil left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Thanks for the PR!

@basil basil merged commit 693f7fd into jenkinsci:master Oct 16, 2024
17 checks passed
# for free to join this conversation on GitHub. Already have an account? # to comment
Reviewers

@basil basil basil approved these changes

Assignees
No one assigned
Labels
internal
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
2 participants
@yaroslavafenkin @basil