#3399
95%
master: 95%

Ran 15 Apr 2026 06:18PM UTC

Jobs 1

Files 182

Run time 1min

Badge

Embed ▾

Committed 15 Apr 2026 06:14PM UTC coverage: 95.276% (-0.1%) from 95.4%

Build # #3399

Build Type

Pull #3484

screwdriver

Committed by

tomaioo

Commit Message

fix(security): missing resource-level authorization on build retr

The `GET /builds/{id}` handler returns build data (including environment and step details) without checking whether the caller can access the associated pipeline/build. This can allow authenticated users to enumerate and read build records outside their authorization boundary.

Signed-off-by: tomaioo <203048277+tomaioo@users.noreply.github.com>

Pull Request Pull Request #3484: Security: Missing resource-level authorization on build retrieval endpoint (potential IDOR/data leak)

Coverage Stats

2233 of 2418 branches covered (92.35%)

Branch coverage included in aggregate %.

1 of 1 new or added line in 1 file covered. (100.0%)

8 existing lines in 1 file now uncovered.

5411 of 5605 relevant lines covered (96.54%)

110.62 hits per line

Coverage Regressions

Lines	Coverage	∆	File
8	58.33	-41.67%	plugins/builds/get.js

Jobs

ID	Job ID	Ran	Files	Coverage
1	#3399.1	15 Apr 2026 06:18PM UTC	182	95.28

screwdriver-cd / screwdriver / #3399
95%
master: 95%

README BADGES
x

Markdown

Textile

RDoc

HTML

Rst

Coverage Regressions

Jobs

Source Files on build #3399

screwdriver-cd / screwdriver / #3399 95% master: 95%

README BADGES x

Markdown

Textile

RDoc

HTML

Rst

Coverage Regressions

Jobs

Source Files on build #3399

screwdriver-cd / screwdriver / #3399
95%
master: 95%

README BADGES
x