Jenkins SECURITY-248 声明我应该“在全局配置中禁用注入(inject)环境变量的可视化”。我在配置中找不到此设置。任何帮助将不胜感激。
请您参考如下方法:
您可以执行以下操作以确保正确解决此安全问题:
sudo find . -name "injectedEnvVars.txt" sudo find . -name "injectedEnvVars.txt" -delete Configure Global Security在 Environment Injector Plugin 下查看 Do not show injected variables .Configure Global Security在 Hidden security warnings 下, 点击Security Warnings然后取消选中 Environment Injector Plugin: Exposure of sensitive build variables stored by EnvInject 1.90 and earlier .这将确保隐藏该错误消息,使其不再出现。引用: https://jenkins.io/security/advisory/2018-02-26/#SECURITY-248
