Huge +1 from me. It's nice to have the rules publicly available and it overall integrating seamless with GitHub's code scan alerts. Hopefully we can get some more feedback on it, due it now being available to everyone and super simple to enable for plugin devs.
olamy commented on my security scan test PR this morning, that it would be nice to have this as step available in the Jenkinsfile to use on https://ci.jenkins.io/ I'm not sure how feasible that is without defeating the purpose of the GitHub action, though I'm dropping his feedback here nevertheless :P ~Alex db...@cloudbees.com schrieb am Dienstag, 22. Februar 2022 um 19:20:12 UTC+1: > > On Tue, Feb 22, 2022 at 6:59 PM 'Jesse Glick' via Jenkins Developers < > jenkin...@googlegroups.com> wrote: > >> Do we generally recommend this for any plugin? If so, it would be great >> to add this to `archetypes`. >> >> That's where I think we should end up, but I'd like to get some more scan > quality feedback first. The private beta wasn't as successful as I'd hoped > in getting that. Perhaps it no longer being an intransparent black box > helps with that :) > -- You received this message because you are subscribed to the Google Groups "Jenkins Developers" group. To unsubscribe from this group and stop receiving emails from it, send an email to jenkinsci-dev+unsubscr...@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/jenkinsci-dev/8a6ea7f4-c6d6-4515-a3f3-1c6041a9d256n%40googlegroups.com.
