Skip to content

[JENKINS-76302] Make GH org avatars work with CSP #917

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Merged
merged 7 commits into from
Nov 25, 2025
Merged

[JENKINS-76302] Make GH org avatars work with CSP #917

merged 7 commits into from
Nov 25, 2025

Conversation

@daniel-beck
Copy link
Member

@daniel-beck daniel-beck commented Nov 21, 2025

Description

This ensures GitHub org avatar images (the "folder icon") work in forthcoming Jenkins core releases when CSP protection is enforced.

See JENKINS-76302 for further information.

To manually test, create a GH organization folder and the icon needs to work while CSP is enforced (see core PR).

Submitter checklist

  • Link to JIRA ticket in description, if appropriate.
  • Change is code complete and matches issue description
  • Automated tests have been added to exercise the changes
  • Reviewer's manual test instructions provided in PR description. See Reviewer's first task below.

Reviewer checklist

  • Run the changes and verify that the change matches the issue description
  • Reviewed the code
  • Verified that the appropriate tests have been written or valid explanation given

Documentation changes

  • Link to jenkins.io PR, or an explanation for why no doc changes are needed

Users/aliases to notify

@daniel-beck daniel-beck mentioned this pull request Nov 21, 2025
Merged
14 tasks
rsandell
rsandell approved these changes Nov 22, 2025
View reviewed changes
Copy link
Member

@rsandell rsandell left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

@scherler was working on something related in branch-source-plugin, I doubt they'll interfere but making a friendly ping anyway.

@daniel-beck daniel-beck marked this pull request as ready for review November 25, 2025 15:26
@daniel-beck daniel-beck requested a review from a team as a code owner November 25, 2025 15:26
@jglick jglick added bug and removed maintenance labels Nov 25, 2025
jglick
jglick requested changes Nov 25, 2025
View reviewed changes
Copy link
Member

@jglick jglick left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I do not really understand the security implications but presumably you do.

Just some technical requests here.

@jglick jglick merged commit 62fb7ff into master Nov 25, 2025
17 checks passed
@jglick jglick deleted the JENKINS-76302 branch November 25, 2025 17:36
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@jglick jglick jglick approved these changes

@rsandell rsandell rsandell approved these changes

Assignees

No one assigned

Labels

bug

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

4 participants

@daniel-beck @jglick @rsandell