[ https://issues.jenkins-ci.org/browse/JENKINS-10326?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=159080#comment-159080 ]
Mikko Tapaninen commented on JENKINS-10326: ------------------------------------------- Thanks Rob. I'll let you know if we start fixing this. > Password is exposed in build metadata. > -------------------------------------- > > Key: JENKINS-10326 > URL: https://issues.jenkins-ci.org/browse/JENKINS-10326 > Project: Jenkins > Issue Type: Bug > Components: perforce > Environment: Perforce Plugin 1.2.8 > Reporter: Rob Petti > Assignee: Rob Petti > Priority: Critical > > I've recently discovered that the perforce plugin stores the perforce > password plain text in the build.xml files used for serializing build > information. This seems to be a side effect of the PerforceTagAction > including the Depot object for later use during tagging, which has the > password inside it. This may or may not depend upon JENKINS-2947, as that > would eliminate the need for the Depot object to be stored. -- This message is automatically generated by JIRA. If you think it was sent incorrectly, please contact your JIRA administrators: https://issues.jenkins-ci.org/secure/ContactAdministrators!default.jspa For more information on JIRA, see: http://www.atlassian.com/software/jira