Branch: refs/heads/disable-public-pr Home: https://github.com/jenkinsci/github-branch-source-plugin Commit: 746a2b31bd46eaa3594e4a3c044fc8a657a75725 https://github.com/jenkinsci/github-branch-source-plugin/commit/746a2b31bd46eaa3594e4a3c044fc8a657a75725 Author: Kohsuke Kawaguchi <k...@kohsuke.org> Date: 2016-02-25 (Thu, 25 Feb 2016)
Changed paths: M src/main/java/org/jenkinsci/plugins/github_branch_source/GitHubSCMSource.java Log Message: ----------- Disable PR builds for public repos As things stand right now, PR builds for public repositories are unsafe, due to the fact that anyone can submit a PR that modifies Jenkinsfile. As far as I am concerned, this is a regression; it used to be that this plugin did not automatically pick up PR builds. There are various efforts in progress to address this in different ways, and there are also other project recognizers that are considered that can change the situation. But until that happens, please disable this feature, for it's too easy for people to "incorrectly" use this functionality with public repositories and make their Jenkins instances vulnerable. -- You received this message because you are subscribed to the Google Groups "Jenkins Commits" group. To unsubscribe from this group and stop receiving emails from it, send an email to jenkinsci-commits+unsubscr...@googlegroups.com. For more options, visit https://groups.google.com/d/optout.