Comments (4)
sephiroth-j
commented on July 21, 2024
I'm not sure I share the opinion on the expected behavior. Running Jenkins without CSRF protection is not supported. I think it will depend on how easy this will be to fix.
To quote from Jenkins/Configure Global Security
That option should be considered unsupported and its use should be limited to working around compatibility problems until they are resolved.
from dependency-track-plugin.
sephiroth-j
commented on July 21, 2024
okay, can be fixed relatively easily
from dependency-track-plugin.
sephiroth-j
commented on July 21, 2024
@dalikrisz: will be fixed with the next release. You can try the dev build https://github.com/jenkinsci/dependency-track-plugin/suites/4901742718/artifacts/140850722 in the meantime.
from dependency-track-plugin.
dalikrisz
commented on July 21, 2024
Thank you for your quick response and solution.
I agree with you, turning off CSRF protection is not a good choice, we are in the process of turning it back on.
In the meantime, this fix will be very appreciated.
from dependency-track-plugin.
Related Issues (20)
- Get Artifact from outside the workspace HOT 3
- Error was: Input length = 1 HOT 2
- Support threshold for "unnassigned" vulnerabilities HOT 1
- Add the possibility to assign (newly created) projects to a team HOT 2
- Add Support for Identification of Aliases HOT 8
- Dtrack-API with contextpath not accessible
- Implement Support for SBOM Quality Score Tool (sbomqs) HOT 2
- Using the dependency-track-plugin behind an (authenticating) proxy HOT 1
- Allow overrideGlobals to override Global timeout and interval settings.
- Explanation of upload error "Error was: Input length = 1 HOT 1
- I don't want to show Dependency-Track Project on Jenkins HOT 1
- HTTP 403 Forbidden, but curl works fine HOT 1
- Upload with Parent uuid does not work with 4.10.0 HOT 2
- Request Tier 2 Plugin for Dependency Track CloudBees HOT 1
- how to build the project HOT 1
- Update to Vue.js 3
- Fails if Dependencey Track API server returns Not Modified HOT 3
- sbom upload fails with "Input length = 1" after Jenkins upgrade HOT 1
- Set stage as unstable
- Is it possible to fail Jenkins on specific critical finding instead of Critical integer value.
Recommend Projects
-
React
A declarative, efficient, and flexible JavaScript library for building user interfaces.
-
Vue.js
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
-
Typescript
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
-
TensorFlow
An Open Source Machine Learning Framework for Everyone
-
Django
The Web framework for perfectionists with deadlines.
-
Laravel
A PHP framework for web artisans
-
D3
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
-
Recommend Topics
-
javascript
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
-
web
Some thing interesting about web. New door for the world.
-
server
A server is a program made to process requests and deliver data to clients.
-
Machine learning
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
-
Visualization
Some thing interesting about visualization, use data art
-
Game
Some thing interesting about game, make everyone happy.
Recommend Org
-
Facebook
We are working to build community through open source technology. NB: members must have two-factor auth.
-
Microsoft
Open source projects and samples from Microsoft.
-
Google
Google ❤️ Open Source for everyone.
-
Alibaba
Alibaba Open Source for everyone
-
D3
Data-Driven Documents codes.
-
Tencent
China tencent open source team.
from dependency-track-plugin.