Skip to content
This repository has been archived by the owner on Mar 17, 2019. It is now read-only.

Script scrubbing old serialized GitHub credentials from build.xml files

Notifications You must be signed in to change notification settings

jenkinsci-cert/SECURITY-261

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

1 Commit
 
 
 
 

Repository files navigation

Scrub GitHub credentials from build.xml files

GitHub Pull Request Builder Plugin before 1.40.0 stored GitHub credentials in build.xml files as part of serialized Java objects. 1.40.0 stopped doing so, but does not remove previously serialized data.

See the 2018-03-26 Jenkins security advisory.

The script in this repository will attempt to save old build records again, scrubbing the credentials from disk.

We strongly recommend that old access tokens be revoked even if running this script.

How to use

  1. Navigate to Manage Jenkins » Script Console
  2. Paste the entire content of the script.groovy in this repository into the text box.
  3. Read the output and act on instructions as necessary.

About

Script scrubbing old serialized GitHub credentials from build.xml files

Resources

Stars

Watchers

Forks

Releases

No releases published

Packages

No packages published

Languages