With the goal to improve the security of the Jenkins and Jenkins infrastructure project, we are currently working with the Linux Foundation to use a tool named “LFX security”.
Version 2 of that tool should be ready by Mid-Late September and I am currently collecting Linux Foundation accounts of people who want to be involved in that project.
As a first interation, the tool analyze the following git repositories:
As a first iteration, we only analyze a subset of our public git repositories that contains no critical information. If you are interested to participate, feel free to add your Linux Foundation account to this discussion.