[ https://issues.jenkins-ci.org/browse/JENKINS-10326?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=158992#comment-158992 ]
Mikko Tapaninen commented on JENKINS-10326: ------------------------------------------- Has there been any progress on this one? Any insight to give what to actually look at if we fix it on our end and provide a patch later? > Password is exposed in build metadata. > -------------------------------------- > > Key: JENKINS-10326 > URL: https://issues.jenkins-ci.org/browse/JENKINS-10326 > Project: Jenkins > Issue Type: Bug > Components: perforce > Environment: Perforce Plugin 1.2.8 > Reporter: Rob Petti > Assignee: Rob Petti > Priority: Critical > > I've recently discovered that the perforce plugin stores the perforce > password plain text in the build.xml files used for serializing build > information. This seems to be a side effect of the PerforceTagAction > including the Depot object for later use during tagging, which has the > password inside it. This may or may not depend upon JENKINS-2947, as that > would eliminate the need for the Depot object to be stored. -- This message is automatically generated by JIRA. If you think it was sent incorrectly, please contact your JIRA administrators: https://issues.jenkins-ci.org/secure/ContactAdministrators!default.jspa For more information on JIRA, see: http://www.atlassian.com/software/jira