• Type: Improvement
• Resolution: Unresolved
• Priority: Minor
• Component/s: github-plugin
• Labels:

  None

[JENKINS-37956] Missing notification about request with bad secret for GitHub plugin

Ivan Tichý created issue - 2016-09-05 00:56

Ivan Tichý made changes - 2016-09-05 00:57

Summary

Original: Missing notification about bad secret in log for GitHub plugin

New: Missing notification about request with bad secret in log for GitHub plugin

Ivan Tichý made changes - 2016-09-05 00:58

Summary

Original: Missing notification about request with bad secret in log for GitHub plugin

New: Missing notification about request with bad secret for GitHub plugin

Ivan Tichý made changes - 2016-09-05 00:58

Description

Original: When github secret is used, there in no info (e.g. in log) about unsuccessful request. It might be good also as warning for unauthorised attack. From the Github side there is an icon showing whether the payload has been delivered (in webhooks and services). Also a possibility to check secret from settings is good.

New: When github secret is used, there in no info (e.g. in log) about unsuccessful request. It might be good also as warning for unauthorised attack. It can be listed in log or Github problems. From the Github side there is an icon showing whether the payload has been delivered (in webhooks and services). Also a possibility to check secret from settings is good. JENKINS-33974

Ivan Tichý made changes - 2016-09-05 00:59

Link

New: This issue is related to JENKINS-33974 [ JENKINS-33974 ]

Ivan Tichý made changes - 2016-09-05 00:59

Description

Original: When github secret is used, there in no info (e.g. in log) about unsuccessful request. It might be good also as warning for unauthorised attack. It can be listed in log or Github problems. From the Github side there is an icon showing whether the payload has been delivered (in webhooks and services). Also a possibility to check secret from settings is good. JENKINS-33974

New: When github secret is used there in no info (e.g. in log) about unsuccessful request. It might be good also as warning for unauthorised attack. It can be listed in log or Github problems. From the Github side there is an icon showing whether the payload has been delivered (in webhooks and services). Also a possibility to check secret from settings is good. JENKINS-33974

Ivan Tichý made changes - 2016-09-05 01:01

Description

Original: When github secret is used there in no info (e.g. in log) about unsuccessful request. It might be good also as warning for unauthorised attack. It can be listed in log or Github problems. From the Github side there is an icon showing whether the payload has been delivered (in webhooks and services). Also a possibility to check secret from settings is good. JENKINS-33974

New: When github secret is used there in no info (e.g. in log) about unsuccessful request. It might be good also as warning for unauthorised attack. It can be listed in log or Github hook problems. From the Github side there is an icon showing whether the payload has been delivered (in webhooks and services). Also a possibility to check secret from settings is good. JENKINS-33974

Kirill Merkushev made changes - 2016-10-12 21:59

Link

New: This issue relates to JENKINS-33974 [ JENKINS-33974 ]

Kirill Merkushev made changes - 2016-10-12 21:59

Link

Original: This issue relates to JENKINS-33974 [ JENKINS-33974 ]