Class GitStatus

    • Field Detail

      • SHA1_PATTERN

        public static final Pattern SHA1_PATTERN
      • CLEANER_SHA1_PATTERN

        public static final Pattern CLEANER_SHA1_PATTERN
      • ALLOW_NOTIFY_COMMIT_PARAMETERS

        public static final boolean ALLOW_NOTIFY_COMMIT_PARAMETERS
        Allow arbitrary notify commit parameters. SECURITY-275 detected that allowing arbitrary parameters through the notifyCommit URL allows an unauthenticated user to set environment variables for a job. If this property is set to true, then the bug exposed by SECURITY-275 will be brought back. Only enable this if you trust all unauthenticated users to not pass harmful arguments to your jobs. -Dhudson.plugins.git.GitStatus.allowNotifyCommitParameters=true on command line Also honors the global Jenkins security setting "hudson.model.ParametersAction.keepUndefinedParameters" if it is set to true.
      • SAFE_PARAMETERS

        public static final String SAFE_PARAMETERS
        Allow specifically declared safe parameters. SECURITY-275 detected that allowing arbitrary parameters through the notifyCommit URL allows an unauthenticated user to set environment variables for a job. If this property is set to a comma separated list of parameters, then those parameters will be allowed for any job. Only set this value for parameters you trust in all the jobs in your system. -Dhudson.plugins.git.GitStatus.safeParameters=PARM1,PARM1 on command line Also honors the global Jenkins safe parameter list "hudson.model.ParametersAction.safeParameters" if set.
    • Constructor Detail

      • GitStatus

        public GitStatus()
    • Method Detail

      • doNotifyCommit

        public org.kohsuke.stapler.HttpResponse doNotifyCommit​(javax.servlet.http.HttpServletRequest request,
                                                               @QueryParameter(required=true)
                                                               String url,
                                                               @QueryParameter
                                                               String branches,
                                                               @QueryParameter
                                                               String sha1,
                                                               @QueryParameter
                                                               String token)
      • looselyMatches

        public static boolean looselyMatches​(org.eclipse.jgit.transport.URIish lhs,
                                             org.eclipse.jgit.transport.URIish rhs)
        Used to test if what we have in the job configuration matches what was submitted to the notification endpoint. It is better to match loosely and wastes a few polling calls than to be pedantic and miss the push notification, especially given that Git tends to support multiple access protocols.
        Parameters:
        lhs - left-hand side of comparison
        rhs - right-hand side of comparison
        Returns:
        true if left-hand side loosely matches right-hand side