Loading...

XML

Word

Printable

Type: New Feature
Resolution: Unresolved
Priority: Major
Component/s: github-branch-source-plugin
Labels:

Similar Issues:

Show

The plugin currently has no way to block untrusted users from making a PR from a fork and having this PR built by Jenkins. The GitHub Pull Request Builder does have this feature which is very useful for open source projects to protect the build system from malicious changes. The documentation on the GitHub Pull Request Builder wiki page says to move from the GHPRB plugin to the GitHub Branch source plugin which causes the user to lose this extremely useful functionality.

- - Sort By Name
  - Sort By Date
  - Ascending
  - Descending
  - Thumbnails
  - List
  - Download All

github-branch-source-discover-pull-requests.PNG
69 kB
2018-09-24 19:26
image-2019-07-23-10-28-00-893.png
60 kB
2019-07-23 14:28

is duplicated by

JENKINS-55778 Github branch source plugin builds untrusted builds during scan

Resolved

relates to

JENKINS-46795 Abort builds with untrusted Jenkinsfile, but only given passive cause

In Review

JENKINS-53753 Misleading documentation for permissions

Open

links to

PR #188

scm-api#56

Assignee:: Unassigned

Reporter:: Sam Schwarz

Votes:: 6 Vote for this issue

Watchers:: 12 Start watching this issue

Created:: 2018-09-24 17:15

Updated:: 2023-03-03 23:45

Details

Description

Attachments

Attachments

Issue Links

Activity

People

Dates