Chris Kilding

Ok I've looked in more detail and it's not quite as simple as I thought at first glance... The reason that `withCredentials` or `credentials` invocations in Jenkins Pipeline work, is...

I've reported this on the HTTP Request Plugin's issue tracker here: https://issues.jenkins.io/browse/JENKINS-66118

An update: I would like the dual string-or-secretbytes supplier in `CredentialFactory` to be used only with the Secret File type, as the other credential types don't need this behaviour. The...

By both cases, do you mean the Certificate credentials type as well? As far as I know the certificate's keystore is supplied by a PKCS#12 (.p12) file, which is exclusively...

Here's an alternative approach (very much WIP) as food for thought... It seems comparatively simple to ship a single fat binary with a Mac application (well, compared to shipping code...

In the Cloudbees AWS Credentials plugin, the accessKey is a String while the secretKey is a Hudson Secret: https://github.com/jenkinsci/aws-credentials-plugin/blob/cbf183ce58b955f17d93fdc1ac4d19a8ebe693db/src/main/java/com/cloudbees/jenkins/plugins/awscredentials/AWSCredentialsImpl.java Nobody has yet disputed that, so we should probably follow the...

@timja If a plugin author wants a security review of a new feature/bug fix before merging it, is there a particular process to follow for that, or is it just...

Requesting a review from @Wadeck @jenkinsci/core-security-review team... Please could you do a security review of the new feature in this PR, and let me know if it's satisfactory? As a...

This is tangentially related to #236 In that PR I'm adding support to let the plugin authenticate with AWS using a static key pair, supplied inline in Jenkins config. (This...

Fair enough, I think I'll be able to do most of the work on my own / send you PRs. Because evm is an interpreted script there's very little work...