Describe the bug
As far as I understand, gw uses project-specific wrapper.jar which might result in security issues.
To Reproduce
Steps to reproduce the behavior:
1)git clone https://github.com/apache/jmeter.git; cd jmeter
2) gw jar <-- I guess here gng would use project-provided wrapper jar which might result in security issues
Expected behavior
gw should perform wrapper validation before it executes the jar.
For instance, gw might have a set of golden checksums or something like that.
Describe the bug
As far as I understand, gw uses project-specific wrapper.jar which might result in security issues.
To Reproduce
Steps to reproduce the behavior:
1)
git clone https://github.com/apache/jmeter.git; cd jmeter2)
gw jar<-- I guess here gng would use project-provided wrapper jar which might result in security issuesExpected behavior
gwshould perform wrapper validation before it executes the jar.For instance,
gwmight have a set of golden checksums or something like that.