Closed dependabot[bot] closed 2 months ago
Checkmarx One – Scan Summary & Details – daf119a1-077c-410b-89bb-19c14838c7a0
Policy Name | Rule(s) | Break Build |
---|---|---|
[SAST-ML0] Not allowed NEW Sast vulnerabilities | true |
Severity | Issue | Source File / Package | Checkmarx Insight |
---|---|---|---|
Cleartext_Submission_of_Sensitive_Information | /src/main/java/com/checkmarx/jenkins/tools/ProxyHttpClient.java: 34 | Attack Vector | |
Cleartext_Submission_of_Sensitive_Information | /src/main/java/com/checkmarx/jenkins/tools/ProxyHttpClient.java: 34 | Attack Vector | |
Cleartext_Submission_of_Sensitive_Information | /src/main/java/com/checkmarx/jenkins/tools/ProxyHttpClient.java: 34 | Attack Vector |
Severity | Issue | Source File / Package |
---|---|---|
Unpinned Actions Full Length Commit SHA | /ci.yml: 40 | |
Unpinned Actions Full Length Commit SHA | /manual-tag.yml: 23 | |
Unpinned Actions Full Length Commit SHA | /release.yml: 42 | |
Unpinned Actions Full Length Commit SHA | /release.yml: 53 | |
Unpinned Actions Full Length Commit SHA | /cd.yml: 24 | |
Unpinned Actions Full Length Commit SHA | /cd.yml: 17 | |
Unpinned Actions Full Length Commit SHA | /cd.yml: 55 | |
Unpinned Actions Full Length Commit SHA | /cd.yml: 34 |
Bumps org.jenkins-ci.plugins:plugin from 4.85 to 4.86.
Release notes
Sourced from org.jenkins-ci.plugins:plugin's releases.
Commits
eaacad8
[maven-release-plugin] prepare release plugin-4.869304b5a
Update JTH from 2225.2229.vc4c7fcb_6673c to 2225.2230.v6210cb_b_827f9 (#980)658afed
Upgradestructs
in integration tests (#978)d550bbc
Bump org.apache.maven.plugins:maven-javadoc-plugin from 3.7.0 to 3.8.0 (#977)1fd3dae
Upgrade test harness from 2225.2227.vfc00092c557a_ to 2225.2229.vc4c7fcb_6673...992118d
Bump org.jenkins-ci.tools:maven-hpi-plugin from 3.55 to 3.56 (#975)89ceab2
Bump org.apache.maven.plugins:maven-release-plugin from 3.0.1 to 3.1.1 (#974)81a23d3
Bump org.apache.maven.plugins:maven-project-info-reports-plugin (#973)b148193
Bump maven-surefire-plugin.version from 3.3.0 to 3.3.1 (#972)5040f5c
[maven-release-plugin] prepare for next development iterationDependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting
@dependabot rebase
.Dependabot commands and options
You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot show