No new reports since May

[zbynek]

Description of the bug

https://plugin-health.jenkins.io/api/scores contains last reports from 2024-05-11

[alecharp]

From the logs I got, it seems that introduced a regression in

plugin-health-scoring/core/src/main/java/io/jenkins/pluginhealth/scoring/scores/SecurityWarningScoring.java

Line 66 in 78a6fca

return new Resolution(parts[0], parts[1]);

.

The line might be working well, but not with previous format of the probe result. I'll work on this.

[alecharp]

Normally, the probe should have been re-executed on all the plugins when the pull request was deployed, as its version changed. Sadly, I'm not able to put as much time as I would like on this for now, but I'm focus on this problem tomorrow.

[alecharp]

I confirmed (thanks to @dduportal ❤️) that some plugins (50) were not updated with the new version of the security probe. This is absolutely not normal.

I'm trying to think and see what I'm missing.

[alecharp]

my problem is, if a probe was run once on a plugin (because we have the previous probe result format so it was run), then there is no reason for the probe not to be executed again.

But, I'm very wrong.
All plugins with previous security probe format are skipped by the probe engine because they don't have the scm link filled. We shouldn't have any probe result registered but we have.
And because of

plugin-health-scoring/war/src/main/java/io/jenkins/pluginhealth/scoring/probes/ProbeEngine.java

Lines 95 to 98 in 1c950c8

	if (plugin.getScm() == null || plugin.getScm().isBlank()) {
	LOGGER.info("Will not run probes on {} because its SCM is not set correctly.", plugin.getName());
	return;
	}

it's not executed again.

This let the scoring process to fail because the format is not what it expected.

[kirk-fitz]

Anyone able to look at this?

[alecharp]

No mistake @dduportal. I agree that closing this before it was deployed could lead to incomprehension.
@zbynek normally, everything is back in order.

[kirk-fitz]

Hi guys, great to see the plugin health working now,
I am seeing that there is an error for the plugin:

X Dependabot is configured.
2 open dependency pull request

It is setup...

Is this an issue? Or i am been a bit impatient, and it hasn't updated yet?

https://github.com/jenkinsci/sonar-quality-gates-plugin/pulls?q=is%3Aopen+is%3Apr+label%3Adependencies

[alecharp]

It is not a bug. Dependabot is configured as stated and as you showed there are 2 open pull requests from dependabot. That's why you have 50% and not 100%. Le sam. 12 oct. 2024, 13:24, kirk-fitz ***@***.***> a écrit :

…

Hi guys, great to see the plugin health working now, I am seeing that there is an error for the plugin: X Dependabot is configured. 2 open dependency pull request It is setup... Is this an issue? Or i am been a bit impatient, and it hasn't updated yet? https://github.com/jenkinsci/sonar-quality-gates-plugin/pulls?q=is%3Aopen+is%3Apr+label%3Adependencies Screenshot_20241012_122019_Chrome.jpg (view on web) <https://github.com/user-attachments/assets/9b8c76bc-aad8-467c-aba9-f22aa5f8015b> Screenshot_20241012_122030_Chrome.jpg (view on web) <https://github.com/user-attachments/assets/0e84f5e1-75ea-4290-af2a-9394ea949129> — Reply to this email directly, view it on GitHub <#522 (comment)>, or unsubscribe <https://github.com/notifications/unsubscribe-auth/AAHQWY2OJOQRZ4UAYFDHT2TZ3EBGVAVCNFSM6AAAAABJ5T6IYCVHI2DSMVQWIX3LMV43OSLTON2WKQ3PNVWWK3TUHMZDIMBYGUZDQNZVHA> . You are receiving this because you modified the open/close state.Message ID: ***@***.***>