That's just a basic sample script. Here's a script that will give you
more info:
https://stackoverflow.com/questions/9815273/how-to-get-a-list-of-installed-jenkins-plugins-with-name-and-version-pair
-Khai
On Wed, Jun 15, 2016 at 4:32 PM, Thanh Ha wrote:
> I took a look at the groovy script i
I took a look at the groovy script idea. I think it might work but would be
a bit more involved than the example. It seems
Jenkins.instance.pluginManager.plugins simply prints a list of all plugins
without their details like version etc...
Regards,
Thanh
On 14 June 2016 at 20:11, Zaro wrote:
>
Thanks for the clarification Andrew. I almost thought you guys knew
something that upstream Jenkins didn't ; ) I am able to repro with
ver 1.651.2. I agree with Thanh, the correct fix is to add a new ACLs
to jenkins security plugin to allow retrieving plugin info. I've
reviewed Thanh's workarou
On 06/14/2016 12:18 PM, Zaro wrote:
> ahh, jenkins.io page confused me since it says latest LTS is 1.651.3
>
>
> On Tue, Jun 14, 2016 at 12:13 PM, Darragh Bailey
> wrote:
>> The 1.652.x series is an lts release, so fixes were backported to it that
>> are not in subsequent dev releases.
>>
>> D
ahh, jenkins.io page confused me since it says latest LTS is 1.651.3
On Tue, Jun 14, 2016 at 12:13 PM, Darragh Bailey
wrote:
> The 1.652.x series is an lts release, so fixes were backported to it that
> are not in subsequent dev releases.
>
> Darragh Bailey
> "Nothing is foolproof to a suffici
The 1.652.x series is an lts release, so fixes were backported to it that
are not in subsequent dev releases.
Darragh Bailey
"Nothing is foolproof to a sufficiently talented fool" - unknown
On 14 Jun 2016 20:02, "Zaro" wrote:
> - [ snippet ]
> >
> > The behavior changed betwee
- [ snippet ]
>
> The behavior changed between 1.651.1 and 1.652.2.
>
> Specifically this was a security fix that came in with 1.652.2. See the
> security fixes [0] that came with the release notes. Search for
> SECURITY-250 or CVE-2016-3723.
>
> -Andy-
>
> [0]
> https://wiki.jenki
On 8 June 2016 at 08:51, Darragh Bailey wrote:
> On 7 June 2016 at 21:35, Thanh Ha wrote:
>
>> Taking a look at the code, I realized the test command allowed spoofing
>> of the plugins_info. I thought I'd try and see what happens if we allowed
>> spoofing with the update command too and submitte
On 06/08/2016 05:51 AM, Darragh Bailey wrote:
--[snip]--
>
> Unfortunately it's come to our attention that this feature in
> Jenkins requires the Administrator permission which can be
> problematic if you have an environment where you prefer not to
> give this per
Hi Thanh,
Comments inline.
On 7 June 2016 at 21:35, Thanh Ha wrote:
> Taking a look at the code, I realized the test command allowed spoofing of
> the plugins_info. I thought I'd try and see what happens if we allowed
> spoofing with the update command too and submitted this patch:
>
> ht
Taking a look at the code, I realized the test command allowed spoofing of
the plugins_info. I thought I'd try and see what happens if we allowed
spoofing with the update command too and submitted this patch:
https://review.openstack.org/326722
I'm wondering if this could be a possible soluti
Hi Everyone,
I've been meaning to bring this up for awhile. It seems some plugins are
getting a bit smarter and using the "parser.registry.get_plugin_info"
command to parse plugin versions to figure out what version of a plugin is
installed in Jenkins.
Unfortunately it's come to our attention tha
12 matches
Mail list logo