@adhamahmad commented Dec 23, 2025

Fixes #16784

This change improves the readability of signature verification error messages in the plugin manager UI.

  • The update site URL is appended to error messages to provide context.
  • Users now see a concise message in the UI instead of a confusing error box dominated by stack trace details.

Testing done

  • Added a unit test in UpdateSiteTest that simulates a signature verification failure.
  • Verified that the resulting FormValidation error message contains the update site URL.
  • Manually started Jenkins with a test update site containing an invalid signature, as in the original issue. Verified in the plugin manager UI that the error message is concise and includes the URL.

Screenshots (UI changes only)

[Screenshot: before]

[Screenshot: after]

Proposed changelog entries

  • Display a brief message on update site signature verification failure instead of showing a stack trace.

Proposed changelog category

/label bug

Proposed upgrade guidelines

N/A

Desired reviewers

N/A



comment-ops-bot added the "bug" label (For changelog: Minor bug. Will be listed after features) Dec 23, 2025

@A1exKH left a comment

@adhamahmad, LGTM!
Thank you for the screenshots and for covering it by adding a unit test!

@MarkEWaite left a comment

Thanks for the pull request. It looks good in general.

I have a question to clarify the text substitution, since I was unable to find any way to generate an exception message that would require the substitution.

I also offered two optional suggestions. You are welcome to ignore them if you don't find them to be helpful.

  • Use the non-deprecated getJsonSignatureValidator
  • Add @nonnull annotation to the Throwable parameter in JSONSignatureValidator#getRootCauseMessage.

@adhamahmad

Hey @MarkEWaite,

Thanks for the suggestions, I’ve applied the requested changes.

Regarding the text substitution logic: I added it because I noticed that the error message shown in case of signature verification errors includes escaped HTML characters and the literal default word 'default', as shown in the attached screenshot. I was not able to determine where this escaping is introduced.

[Screenshot]

I assumed that the "update site … Path" message pattern was common, and that replacing that segment would both ensure the update site URL is included and avoid the escaped 'default' portion. After further investigation, this assumption turned out to be incorrect.

In the automated test, the actual error message does not match that pattern. The message produced is:

Signature verification failed in update site 'default': Empty input
(URL: http://localhost:51764/plugins/invalid-signature-update-center.json)

Since this message does not contain the "update site … Path" sequence, the substitution branch is not executed, and the code correctly falls back to appending the URL.

Since the escaped HTML content already exists before this code runs, I am unsure whether handling it here is appropriate or whether it should be left as it is or addressed elsewhere. Please advise on the preferred approach.
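
The substitute-or-append behaviour discussed in the comment above, as an added Java example that is not the code merged in this pull request. The class, both method names and the regular expression are assumptions made for illustration; the first sample message and the URL are the ones quoted in the thread, the second sample is constructed.

```java
import java.io.IOException;
import java.security.GeneralSecurityException;
import java.util.regex.Matcher;
import java.util.regex.Pattern;

// Added illustration with hypothetical names; this is not the code merged in the PR.
public class SignatureErrorMessage {

    // Assumption: one reading of the "update site … Path" segment described in the thread.
    private static final Pattern SITE_TO_PATH = Pattern.compile("update site .*? Path");

    // Innermost non-blank message in the cause chain; depth-bounded against cyclic causes.
    static String rootCauseMessage(Throwable t) {
        String msg = null;
        Throwable cur = t;
        for (int depth = 0; cur != null && depth < 32; depth++) {
            String m = cur.getMessage();
            if (m != null && !m.isBlank()) {
                msg = m;
            }
            cur = cur.getCause();
        }
        return msg != null ? msg : t.getClass().getSimpleName();
    }

    // One-line, plain-text message for the UI: no stack trace, always names the site URL.
    static String conciseMessage(Throwable failure, String siteUrl) {
        String msg = rootCauseMessage(failure);
        Matcher m = SITE_TO_PATH.matcher(msg);
        if (m.find()) {
            // Substitution branch: swap the site-id segment for the URL.
            return m.replaceFirst(Matcher.quoteReplacement("update site " + siteUrl + " Path"));
        }
        // Fallback branch: the pattern is absent, so append the URL.
        return msg + " (URL: " + siteUrl + ")";
    }

    public static void main(String[] args) {
        String url = "http://localhost:51764/plugins/invalid-signature-update-center.json";
        // Message text reported from the automated test in the thread, wrapped once.
        Throwable fromTest = new IOException("wrapper", new GeneralSecurityException(
                "Signature verification failed in update site 'default': Empty input"));
        // Constructed sample that contains the escaped 'default' segment.
        Throwable escaped = new GeneralSecurityException(
                "Signature verification failed in update site &#039;default&#039; Path validation failed");
        System.out.println(conciseMessage(fromTest, url));
        System.out.println(conciseMessage(escaped, url));
    }
}
```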

@MarkEWaite

> I assumed that the "update site … Path" message pattern was common, and that replacing that segment would both ensure the update site URL is included and avoid the escaped 'default' portion.

I like that technique. That's a creative way to avoid showing a poorly formatted string to the user. It handles the issue as reported and you also handle the more general case. I think that your solution is a very reasonable choice. In both cases, the URL of the update site is shown and the stack trace is not shown.

@MarkEWaite left a comment

This PR is now ready for merge. We will merge it after approximately 24 hours if there is no negative feedback.

/label ready-for-merge

comment-ops-bot added the "ready-for-merge" label (The PR is ready to go, and it will be merged soon if there is no negative feedback) Dec 25, 2025
MarkEWaite merged commit e0f83ed into jenkinsci:master Dec 29, 2025
18 checks passed

Successfully merging this pull request may close these issues.

[JENKINS-75905] error from failing certificate check on plugin manager is unreadable