Removal request for attachments-from-jira-issues-misc/blob/main/attachments/26606/config.xml

[MarkEWaite]

Service(s)

GitHub

Summary

GitHub trust and safety sent a message requesting that a config.xml attachment be removed

Reproduction steps

1. Confirm the file exists at https://github.com/jenkinsci/attachments-from-jira-issues-misc/blob/main/attachments/26606/config.xml
2. Follow the steps described in https://docs.github.com/articles/remove-sensitive-data to remove the file or replace the "sensitive" data with

Issue reported as a help desk ticket based on the instructions in the repository README

As far as I can tell, there is no actual risk from the data that is stored in that config.xml. The two entries that look like they might be sensitive are both Secret data. That means they were encrypted with the encryption key of the Jenkins controller that stored the file. Without that encryption key, those values cannot be decrypted.

[lemeurherve]

Cf Tim's response to the initial GitHub request yesterday evening:

Feb 2, 2026, 9:55 PM UTC

Hi GitHub

repositories contains private information that was posted without consent.

It was uploaded by an employee of the company over 11 years ago.

Is the request particularly time-sensitive?

Yes

It has been publicly available for 11 years

https://docs.github.com/en/site-policy/content-removal-policies/github-private-information-removal-policy
Ask Nicely First

They have made no effort to contact us. Can you refer them to our form instead please: https://github.com/jenkinsci/attachments-from-jira-issues-misc#for-any-removal-requests

Did we receive a request from that company since?

[MarkEWaite]

Did we received a request from that company?

Not as far as I can tell.

[MarkEWaite]

I'm closing this issue, since it has already been handled by Tim's response to GitHub Trust and Safety.

[lemeurherve]

I've just saw GitHub support response, received less than 10 min ago. They did not respond to any of Tim's questions:

GitHub Trust & Safety (GitHub Support)

Feb 3, 2026, 3:29 PM UTC

Hello,

I'm reaching out on behalf of the GitHub Trust & Safety Team to let you know we received a report that one of your repositories contains private information that was posted without consent in violation of our prohibition on posting private information. Specifically, the following content was reported:

https://github.com/jenkinsci/attachments-from-jira-issues-misc/blob/af2a5b488a1e0c93d3d60f4db5383db154462283/attachments/26606/config.xml#L229

https://github.com/jenkinsci/attachments-from-jira-issues-misc/blob/af2a5b488a1e0c93d3d60f4db5383db154462283/attachments/59044/Jenkins%20Console_09082022.txt#L62

In order to remove the content in question, we ask that you refer to the following article for help:

Removing sensitive data from a repository

Please make sure to follow those instructions carefully, as simply deleting the content will not remove it completely from the repository commit history.

Alternately, you may simply want to switch the repository to private by following the instructions found here:

Making a repository private

If these changes are not made within 2 business days, we will continue our review of the complaint. We may need to disable your repository at that time in order to protect the owner of private information that has been posted in violation of our Acceptable Use Policies.

If you have any questions, concerns, or feedback regarding this notice, please let us know as soon as possible.

[lemeurherve]

Related:

• Handling removal of "private" information from Jira attachments #4927

[timja]

It seems to be an automated request? they updated the days from 3 to 2.