Hi Everybody,
With the goal to improve the security of the Jenkins and Jenkins infrastructure project, we are currently working with the Linux Foundation to use a tool named “LFX security”.
Version 2 of that tool should be ready by Mid-Late September and I am currently collecting Linux Foundation accounts of people who want to be involved in that project.
As a first interation, the tool analyze the following git repositories:
- jenkins-infra/ircbot
- jenkins-infra/account-app
- jenkins-infra/plugin-site-api
- jenkins-infra/plugin-site
- jenkins-infra/jenkins-version
- jenkins-infra/docker-jenkins-lts
As a first iteration, we only analyze a subset of our public git repositories that contains no critical information. If you are interested to participate, feel free to add your Linux Foundation account to this discussion.