Uploaded image for project: 'Jenkins'
  1. Jenkins
  2. JENKINS-53752

Block PRs from forks from untrusted users

    XMLWordPrintable

Details

    Description

      The plugin currently has no way to block untrusted users from making a PR from a fork and having this PR built by Jenkins. The GitHub Pull Request Builder does have this feature which is very useful for open source projects to protect the build system from malicious changes. The documentation on the GitHub Pull Request Builder wiki page says to move from the GHPRB plugin to the GitHub Branch source plugin which causes the user to lose this extremely useful functionality.

      Attachments

        Issue Links

          is duplicated by

          Bug - A problem which impairs or prevents the functions of the product. JENKINS-55778 Github branch source plugin builds untrusted builds during scan

          • Blocker - Blocks development and/or testing work, production could not run.
          • Resolved
          relates to

          New Feature - A new feature of the product, which has yet to be developed. JENKINS-46795 Abort builds with untrusted Jenkinsfile, but only given passive cause

          • Major - Major loss of function.
          • In Review

          Bug - A problem which impairs or prevents the functions of the product. JENKINS-53753 Misleading documentation for permissions

          • Major - Major loss of function.
          • Open
          links to

          Web Link PR #188

          Web Link scm-api#56

          Activity

            Ascending order - Click to sort in descending order
            roguishmountain Sam Schwarz created issue -
            markewaite Mark Waite made changes -
            Field Original Value New Value
            Attachment github-branch-source-discover-pull-requests.PNG [ 44586 ]
            abayer Andrew Bayer made changes -
            Link This issue relates to JENKINS-53753 [ JENKINS-53753 ]
            abayer Andrew Bayer made changes -
            Assignee Andrew Bayer [ abayer ]
            abayer Andrew Bayer made changes -
            Status Open [ 1 ] In Progress [ 3 ]
            abayer Andrew Bayer made changes -
            Status In Progress [ 3 ] In Review [ 10005 ]
            abayer Andrew Bayer made changes -
            Remote Link This issue links to "PR #188 (Web Link)" [ 21838 ]
            vivek Vivek Pandey made changes -
            Assignee Andrew Bayer [ abayer ] rsandell [ rsandell ]
            rsandell rsandell made changes -
            Remote Link This issue links to "scm-api#56 (Web Link)" [ 22168 ]
            brianjmurrell Brian J Murrell made changes -
            Link This issue is duplicated by JENKINS-55778 [ JENKINS-55778 ]
            bitwiseman Liam Newman made changes -
            Assignee rsandell [ rsandell ] Liam Newman [ bitwiseman ]
            brianjmurrell Brian J Murrell made changes -
            Attachment image-2019-07-23-10-28-00-893.png [ 48060 ]
            bitwiseman Liam Newman made changes -
            Resolution Fixed [ 1 ]
            Status In Review [ 10005 ] Resolved [ 5 ]
            jglick Jesse Glick made changes -
            Resolution Fixed [ 1 ]
            Status Resolved [ 5 ] Reopened [ 4 ]
            jglick Jesse Glick made changes -
            Labels configuration security configuration security stalled-pr
            jglick Jesse Glick made changes -
            Assignee Liam Newman [ bitwiseman ]
            jglick Jesse Glick made changes -
            Link This issue relates to JENKINS-46795 [ JENKINS-46795 ]

            People

              Unassigned Unassigned
              roguishmountain Sam Schwarz
              Votes:
              6 Vote for this issue
              Watchers:
              12 Start watching this issue

              Dates

                Created:
                Updated: