Project: Infrastructure
Issue: INFRA-2760

Sign up for code scanning


    Details


      Description

      Please enable code scanning in

      • ant
      • artifact-manager-s3
      • aws-global-configuration
      • build-symlink
      • build-token-root
      • command-launcher
      • credentials-binding
      • kubernetes-client-api
      • kubernetes
      • log-cli
      • mercurial
      • parallel-test-executor


          Activity

jglick Jesse Glick created issue
danielbeck Daniel Beck made changes: Assignee (none) -> Daniel Beck [ danielbeck ]
danielbeck Daniel Beck made changes: Status Open [ 1 ] -> In Progress [ 3 ]
          danielbeck Daniel Beck added a comment -

          It's currently running. Any of the plugin repos with findings will show an "unread indicator" on the "Security" tab in the repo.

          We're using CodeQL as the tech for this, but only execute Jenkins-specific queries. For general purpose queries, you can check out the plugin repos on lgtm.com, or e.g. https://github.com/jenkinsci/ant-plugin/security/code-scanning/setup to set up "normal" code scanning queries.

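One way a plugin repository can turn on the "normal" general-purpose CodeQL scanning the comment refers to, as an added example that is not part of this issue or of the Jenkins infrastructure's own configuration; it assumes a Maven-built plugin on a `master` branch and Java 17, and the Jenkins-specific queries from jenkinsci-cert/codeql are only mentioned in a comment because their pack name is not given here:

```yaml
# Assumed workflow file: .github/workflows/codeql.yml (example, not from this issue)
name: CodeQL

on:
  push:
    branches: [ master ]
  pull_request:
    branches: [ master ]
  schedule:
    - cron: '0 6 * * 1'   # weekly re-scan so new queries catch old code

permissions:
  contents: read
  security-events: write   # required to upload results to the repo's Security tab

jobs:
  analyze:
    runs-on: ubuntu-latest
    steps:
      - uses: actions/checkout@v4

      - uses: actions/setup-java@v4
        with:
          distribution: temurin
          java-version: '17'

      - name: Initialize CodeQL
        uses: github/codeql-action/init@v3
        with:
          languages: java
          # "+" keeps the default suite and adds the security-extended queries.
          # The Jenkins-specific queries maintained in
          # https://github.com/jenkinsci-cert/codeql would be added here as a
          # further entry; their exact pack name is not stated on this page.
          queries: +security-extended

      # Java is compiled, so CodeQL needs a real build to extract the database.
      - name: Build plugin
        run: mvn -B -ntp -DskipTests package

      - name: Perform CodeQL analysis
        uses: github/codeql-action/analyze@v3
```

Findings appear as alerts under the repository's Security tab, which is where the "unread indicator" mentioned above comes from.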
          danielbeck Daniel Beck added a comment -

          The scan is complete, any warnings are shown on the GitHub UI.

I'd be interested to know what you think. If you have any suggestions for improvements, please file them in https://github.com/jenkinsci-cert/codeql

danielbeck Daniel Beck made changes: Resolution (none) -> Fixed [ 1 ]; Status In Progress [ 3 ] -> Resolved [ 5 ]
jglick Jesse Glick added a comment -

https://github.com/jenkinsci-cert/codeql/compare/main...jenkinsci-cert that is. Thanks, will take a peek.

          danielbeck Daniel Beck added a comment -

          Jesse Glick You're welcome to "just" file issues at https://github.com/jenkinsci-cert/codeql/issues

          Otherwise, if you want to dig deeper, https://github.com/jenkinsci-cert/codeql/wiki

danielbeck Daniel Beck made changes: Labels -> code-scanning

People

Assignee: danielbeck Daniel Beck
Reporter: jglick Jesse Glick
Votes: 0
Watchers: 2
