Uploaded image for project: 'Jenkins'
  1. Jenkins
  2. JENKINS-59761

Security update notifications list plugins w/ a name that can't be found in the available updates

    Details

    • Type: Bug
    • Status: Open (View Workflow)
    • Priority: Minor
    • Resolution: Unresolved
    • Component/s: core
    • Labels:
      None
    • Similar Issues:

      Description

      Here are the updates I'm offered:

      Here's me looking for Matrix Project Plugin:

      And Script Security Plugin:

       


       

        Attachments

          Activity

          Hide
          danielbeck Daniel Beck added a comment -

          Is this about the "Plugin" suffix that's inconsistently stripped?

          Show
          danielbeck Daniel Beck added a comment - Is this about the "Plugin" suffix that's inconsistently stripped?
          Hide
          jsoref Josh Soref added a comment -

          yes

          Show
          jsoref Josh Soref added a comment - yes
          Hide
          danielbeck Daniel Beck added a comment -

          Really not sure what to do about this.

          There are two components involved here, core and the update site, which independently attempt to strip redundant parts out of plugin names.

          The server side is (mostly) at https://github.com/jenkins-infra/update-center2/blob/b82c5dac759a868042e9b3c42b017bdc0bda40ae/src/main/java/org/jvnet/hudson/update_center/Plugin.java#L395-L403 with some particularly bad examples at https://github.com/jenkins-infra/update-center2/blob/ef26174817aad3cd838ba188a97374fad3cf7567/src/test/java/org/jvnet/hudson/update_center/PluginTest.java 

          While client side we only do https://github.com/jenkinsci/jenkins/blob/master/core/src/main/java/hudson/PluginWrapper.java#L437

          I like the aggressive approach a lot better because the results are cleaner, even if the results are not always great in case of really insane plugin names. It is however not an approach well suited for software that gets published and used indefinitely on new inputs.

          Show
          danielbeck Daniel Beck added a comment - Really not sure what to do about this. There are two components involved here, core and the update site, which independently attempt to strip redundant parts out of plugin names. The server side is (mostly) at https://github.com/jenkins-infra/update-center2/blob/b82c5dac759a868042e9b3c42b017bdc0bda40ae/src/main/java/org/jvnet/hudson/update_center/Plugin.java#L395-L403 with some particularly bad examples at  https://github.com/jenkins-infra/update-center2/blob/ef26174817aad3cd838ba188a97374fad3cf7567/src/test/java/org/jvnet/hudson/update_center/PluginTest.java   While client side we only do https://github.com/jenkinsci/jenkins/blob/master/core/src/main/java/hudson/PluginWrapper.java#L437 I like the aggressive approach a lot better because the results are cleaner, even if the results are not always great in case of really insane plugin names. It is however not an approach well suited for software that gets published and used indefinitely on new inputs.

            People

            • Assignee:
              Unassigned
              Reporter:
              jsoref Josh Soref
            • Votes:
              0 Vote for this issue
              Watchers:
              2 Start watching this issue

              Dates

              • Created:
                Updated: