Closed zbynek closed 1 month ago
alecharp
commented
4 months ago From the logs I got, it seems that introduced a regression in https://github.com/jenkins-infra/plugin-health-scoring/blob/78a6fcabd3047103e8d9fc9db8f71a4a92d9e31c/core/src/main/java/io/jenkins/pluginhealth/scoring/scores/SecurityWarningScoring.java#L66.
The line might be working well, but not with previous format of the probe result. I'll work on this.
alecharp
commented
4 months ago Normally, the probe should have been re-executed on all the plugins when the pull request was deployed, as its version changed. Sadly, I'm not able to put as much time as I would like on this for now, but I'm focus on this problem tomorrow.
alecharp
commented
4 months ago I confirmed (thanks to @dduportal ❤️) that some plugins (50) were not updated with the new version of the security probe. This is absolutely not normal.
I'm trying to think and see what I'm missing.
alecharp
commented
4 months ago my problem is, if a probe was run once on a plugin (because we have the previous probe result format so it was run), then there is no reason for the probe not to be executed again.
But, I'm very wrong.
All plugins with previous security probe format are skipped by the probe engine because they don't have the scm link filled. We shouldn't have any probe result registered but we have.
And because of https://github.com/jenkins-infra/plugin-health-scoring/blob/1c950c801e5bce7f6a2941862431d6f9840424e0/war/src/main/java/io/jenkins/pluginhealth/scoring/probes/ProbeEngine.java#L95-L98
it's not executed again.
This let the scoring process to fail because the format is not what it expected.
kirk-fitz
commented
2 months ago Anyone able to look at this?
dduportal
commented
1 month ago ~Reopening until the app is in production~ Sorry, mistake
alecharp
commented
1 month ago No mistake @dduportal. I agree that closing this before it was deployed could lead to incomprehension. @zbynek normally, everything is back in order.
kirk-fitz
commented
1 month ago Hi guys, great to see the plugin health working now, I am seeing that there is an error for the plugin:
X Dependabot is configured. 2 open dependency pull request
It is setup...
Is this an issue? Or i am been a bit impatient, and it hasn't updated yet?
alecharp
commented
1 month ago It is not a bug. Dependabot is configured as stated and as you showed there are 2 open pull requests from dependabot. That's why you have 50% and not 100%.
Le sam. 12 oct. 2024, 13:24, kirk-fitz @.***> a écrit :
Hi guys, great to see the plugin health working now, I am seeing that there is an error for the plugin:
X Dependabot is configured. 2 open dependency pull request
It is setup...
Is this an issue? Or i am been a bit impatient, and it hasn't updated yet?
Screenshot_20241012_122019_Chrome.jpg (view on web) https://github.com/user-attachments/assets/9b8c76bc-aad8-467c-aba9-f22aa5f8015b Screenshot_20241012_122030_Chrome.jpg (view on web) https://github.com/user-attachments/assets/0e84f5e1-75ea-4290-af2a-9394ea949129
— Reply to this email directly, view it on GitHub https://github.com/jenkins-infra/plugin-health-scoring/issues/522#issuecomment-2408528758, or unsubscribe https://github.com/notifications/unsubscribe-auth/AAHQWY2OJOQRZ4UAYFDHT2TZ3EBGVAVCNFSM6AAAAABJ5T6IYCVHI2DSMVQWIX3LMV43OSLTON2WKQ3PNVWWK3TUHMZDIMBYGUZDQNZVHA . You are receiving this because you modified the open/close state.Message ID: @.***>
Description of the bug
https://plugin-health.jenkins.io/api/scores contains last reports from 2024-05-11