Releases: jenkinsci/appspider-build-scanner-plugin
Releases · jenkinsci/appspider-build-scanner-plugin
1.0.17
🔒 Security
Fix SECURITY-3144.
1.0.16
9f0ad9f
This commit was signed with the committer’s verified signature.
The key has expired.
Kevin-CB
Kevin Guerroudj
What's Changed
- Address warnings/errors detected by Snyk and Spotbugs by @tmoreland-r7 in #18
Full Changelog: jenkinsci-appspider-plugin-1.0.15...jenkinsci-appspider-plugin-1.0.16
Contributors
tmoreland-r7
Assets 2
1.0.15
Changes
- Jenkins version requirement change to 2.348 to address security concerns
- report name changed to use . rather than _ for consistency
- minor bug fixes and security fixes addressed by upgrading dependencies
1.0.14
Changes
- multi-client/system-administrator support added, requiring AppSpider Enterprise 3.8.227 or above
- new check box in global settings to enable multi-client/system-administrator support, enabling it will add this support but no longer be compatible with older versions of AppSpider Enterprise
1.0.13
Description
Addressed the following security issue
SECURITY-2058 / CVE-2020-2314
AppSpider Plugin 1.0.12 and earlier stores a password unencrypted in its global configuration file com.rapid7.jenkinspider.PostBuildScan.xml on the Jenkins controller as part of its configuration.
This password can be viewed by users with access to the Jenkins controller file system.
AppSpider Plugin 1.0.13 stores a password encrypted once its configuration is saved again.
v1.0.12
- added configuration option to allow self-signed certificate errors to be ignored when using HTTPS
- additional logging to aid in diagnosis of issues
- minor stability improvements