René's URL Explorer Experiment


Title: Add JFrog GitHub OIDC Integration Workflow by jfrog-app-for-github[bot] · Pull Request #2 · pkng-learn/JavaVulnerableLab · GitHub

Open Graph Title: Add JFrog GitHub OIDC Integration Workflow by jfrog-app-for-github[bot] · Pull Request #2 · pkng-learn/JavaVulnerableLab

X Title: Add JFrog GitHub OIDC Integration Workflow by jfrog-app-for-github[bot] · Pull Request #2 · pkng-learn/JavaVulnerableLab

Description: Vulnerable Java based Web Application. Contribute to pkng-learn/JavaVulnerableLab development by creating an account on GitHub.

Open Graph Description: This PR adds a workflow example that demonstrates how to use JFrog's GitHub OIDC integration for secure authentication without storing credentials.

X Description: This PR adds a workflow example that demonstrates how to use JFrog's GitHub OIDC integration for secure authentication without storing credentials.

Opengraph URL: https://github.com/pkng-learn/JavaVulnerableLab/pull/2

X: @github

direct link

Domain: github.com

route-pattern/_view_fragments/voltron/pull_requests/show/:user_id/:repository/:id/pull_request_layout(.:format)
route-controllervoltron_pull_requests_fragments
route-actionpull_request_layout
fetch-noncev2:c548a69e-1e55-7537-5db5-0f11f6e97838
current-catalog-service-hashae870bc5e265a340912cde392f23dad3671a0a881730ffdadd82f2f57d81641b
request-id9F6A:2E2A14:6957A:925EA:6A5474FE
html-safe-nonce88755412477a8071964bc79710acde8aa74b4fe121478b767b302e572a28de16
visitor-payloadeyJyZWZlcnJlciI6IiIsInJlcXVlc3RfaWQiOiI5RjZBOjJFMkExNDo2OTU3QTo5MjVFQTo2QTU0NzRGRSIsInZpc2l0b3JfaWQiOiIyMzU2NTIwNDk0MDU5MjU1MDM4IiwicmVnaW9uX2VkZ2UiOiJpYWQiLCJyZWdpb25fcmVuZGVyIjoiaWFkIn0=
visitor-hmacdac611f440d90adb328e3d2250070769cc0d4141e557cbd3a41e0eca6f1ff016
hovercard-subject-tagpull_request:3192460675
github-keyboard-shortcutsrepository,pull-request-list,pull-request-conversation,pull-request-files-changed,copilot
google-site-verificationApib7-x98H0j5cPqHWwSMm6dNU4GmODRoqxLiDzdx9I
octolytics-urlhttps://collector.github.com/github/collect
analytics-location///voltron/pull_requests_fragments/pull_request_layout
fb:app_id1401488693436528
apple-itunes-appapp-id=1477376905, app-argument=https://github.com/_view_fragments/voltron/pull_requests/show/pkng-learn/JavaVulnerableLab/2/pull_request_layout
twitter:imagehttps://opengraph.githubassets.com/e9b594044a1473d3562b1674eff1bb4215ac987dc7cd4ef3a4a75c71c57a8217/pkng-learn/JavaVulnerableLab/pull/2
twitter:cardsummary_large_image
og:imagehttps://opengraph.githubassets.com/e9b594044a1473d3562b1674eff1bb4215ac987dc7cd4ef3a4a75c71c57a8217/pkng-learn/JavaVulnerableLab/pull/2
og:image:altThis PR adds a workflow example that demonstrates how to use JFrog's GitHub OIDC integration for secure authentication without storing credentials.
og:image:width1200
og:image:height600
og:site_nameGitHub
og:typeobject
og:author:usernamejfrog-app-for-github[bot]
hostnamegithub.com
expected-hostnamegithub.com
Noneb9a586c06a05a7a86fc7e3f4dbd03e42f6869085879aa184aa6369456dbd50fb
turbo-cache-controlno-cache
go-importgithub.com/pkng-learn/JavaVulnerableLab git https://github.com/pkng-learn/JavaVulnerableLab.git
octolytics-dimension-user_id252856341
octolytics-dimension-user_loginpkng-learn
octolytics-dimension-repository_id1137937296
octolytics-dimension-repository_nwopkng-learn/JavaVulnerableLab
octolytics-dimension-repository_publictrue
octolytics-dimension-repository_is_forktrue
octolytics-dimension-repository_parent_id28911199
octolytics-dimension-repository_parent_nwoCSPF-Founder/JavaVulnerableLab
octolytics-dimension-repository_network_root_id28911199
octolytics-dimension-repository_network_root_nwoCSPF-Founder/JavaVulnerableLab
turbo-body-classeslogged-out env-production page-responsive
disable-turbofalse
browser-stats-urlhttps://api.github.com/_private/browser/stats
browser-errors-urlhttps://api.github.com/_private/browser/errors
release6d28624802c2f7d9500239dd6870ed7031b7353b
ui-targetfull
theme-color#1e2327
color-schemelight dark

Links:

Skip to contenthttps://github.com/pkng-learn/JavaVulnerableLab/pull/2#start-of-content
https://github.com/
Sign in https://github.com/login?return_to=https%3A%2F%2Fgithub.com%2Fpkng-learn%2FJavaVulnerableLab%2Fpull%2F2
GitHub CopilotWrite better code with AIhttps://github.com/features/copilot
GitHub Copilot appDirect agents from issue to mergehttps://github.com/features/ai/github-app
MCP RegistryNewIntegrate external toolshttps://github.com/mcp
ActionsAutomate any workflowhttps://github.com/features/actions
CodespacesInstant dev environmentshttps://github.com/features/codespaces
IssuesPlan and track workhttps://github.com/features/issues
Code ReviewManage code changeshttps://github.com/features/code-review
GitHub Advanced SecurityFind and fix vulnerabilitieshttps://github.com/security/advanced-security
Code securitySecure your code as you buildhttps://github.com/security/advanced-security/code-security
Secret protectionStop leaks before they starthttps://github.com/security/advanced-security/secret-protection
Why GitHubhttps://github.com/why-github
Documentationhttps://docs.github.com
Bloghttps://github.blog
Changeloghttps://github.blog/changelog
Marketplacehttps://github.com/marketplace
View all featureshttps://github.com/features
Enterpriseshttps://github.com/enterprise
Small and medium teamshttps://github.com/team
Startupshttps://github.com/enterprise/startups
Nonprofitshttps://github.com/solutions/industry/nonprofits
App Modernizationhttps://github.com/solutions/use-case/app-modernization
DevSecOpshttps://github.com/solutions/use-case/devsecops
DevOpshttps://github.com/solutions/use-case/devops
CI/CDhttps://github.com/solutions/use-case/ci-cd
View all use caseshttps://github.com/solutions/use-case
Healthcarehttps://github.com/solutions/industry/healthcare
Financial serviceshttps://github.com/solutions/industry/financial-services
Manufacturinghttps://github.com/solutions/industry/manufacturing
Governmenthttps://github.com/solutions/industry/government
View all industrieshttps://github.com/solutions/industry
View all solutionshttps://github.com/solutions
AIhttps://github.com/resources/articles?topic=ai
Software Developmenthttps://github.com/resources/articles?topic=software-development
DevOpshttps://github.com/resources/articles?topic=devops
Securityhttps://github.com/resources/articles?topic=security
View all topicshttps://github.com/resources/articles
Customer storieshttps://github.com/customer-stories
Events & webinarshttps://github.com/resources/events
Ebooks & reportshttps://github.com/resources/whitepapers
Business insightshttps://github.com/solutions/executive-insights
GitHub Skillshttps://skills.github.com
Documentationhttps://docs.github.com
Customer supporthttps://support.github.com
Community forumhttps://github.com/orgs/community/discussions
Trust centerhttps://github.com/trust-center
Partnershttps://github.com/partners
View all resourceshttps://github.com/resources
GitHub SponsorsFund open source developershttps://github.com/open-source/sponsors
Security Labhttps://securitylab.github.com
Maintainer Communityhttps://maintainers.github.com
Acceleratorhttps://github.com/open-source/accelerator
GitHub Starshttps://stars.github.com
Archive Programhttps://archiveprogram.github.com
Topicshttps://github.com/topics
Trendinghttps://github.com/trending
Collectionshttps://github.com/collections
Enterprise platformAI-powered developer platformhttps://github.com/enterprise
GitHub Advanced SecurityEnterprise-grade security featureshttps://github.com/security/advanced-security
Copilot for BusinessEnterprise-grade AI featureshttps://github.com/features/copilot/copilot-business
Premium SupportEnterprise-grade 24/7 supporthttps://github.com/enterprise/premium-support
Pricinghttps://github.com/pricing
Search syntax tipshttps://docs.github.com/search-github/github-code-search/understanding-github-code-search-syntax
documentationhttps://docs.github.com/search-github/github-code-search/understanding-github-code-search-syntax
Sign in https://github.com/login?return_to=https%3A%2F%2Fgithub.com%2Fpkng-learn%2FJavaVulnerableLab%2Fpull%2F2
Sign up https://github.com/signup?ref_cta=Sign+up&ref_loc=header+logged+out&ref_page=%2F%3Cuser-name%3E%2F%3Crepo-name%3E%2Fvoltron%2Fpull_requests_fragments%2Fpull_request_layout&source=header-repo&source_repo=pkng-learn%2FJavaVulnerableLab
Reloadhttps://github.com/pkng-learn/JavaVulnerableLab/pull/2
Reloadhttps://github.com/pkng-learn/JavaVulnerableLab/pull/2
Reloadhttps://github.com/pkng-learn/JavaVulnerableLab/pull/2
Please reload this pagehttps://github.com/pkng-learn/JavaVulnerableLab/pull/2
pkng-learn https://github.com/pkng-learn
JavaVulnerableLabhttps://github.com/pkng-learn/JavaVulnerableLab
CSPF-Founder/JavaVulnerableLabhttps://github.com/CSPF-Founder/JavaVulnerableLab
Notifications https://github.com/login?return_to=%2Fpkng-learn%2FJavaVulnerableLab
Fork 0 https://github.com/login?return_to=%2Fpkng-learn%2FJavaVulnerableLab
Star 0 https://github.com/login?return_to=%2Fpkng-learn%2FJavaVulnerableLab
Code https://github.com/pkng-learn/JavaVulnerableLab
Pull requests 2 https://github.com/pkng-learn/JavaVulnerableLab/pulls
Actions https://github.com/pkng-learn/JavaVulnerableLab/actions
Projects https://github.com/pkng-learn/JavaVulnerableLab/projects
Security and quality 0 https://github.com/pkng-learn/JavaVulnerableLab/security
Insights https://github.com/pkng-learn/JavaVulnerableLab/pulse
Code https://github.com/pkng-learn/JavaVulnerableLab
Pull requests https://github.com/pkng-learn/JavaVulnerableLab/pulls
Actions https://github.com/pkng-learn/JavaVulnerableLab/actions
Projects https://github.com/pkng-learn/JavaVulnerableLab/projects
Security and quality https://github.com/pkng-learn/JavaVulnerableLab/security
Insights https://github.com/pkng-learn/JavaVulnerableLab/pulse
jfrog-app-for-github[bot]https://github.com/jfrog-app-for-github[bot]
masterhttps://github.com/pkng-learn/JavaVulnerableLab/tree/master
feature/jfrog-github-oidc-integrationhttps://github.com/pkng-learn/JavaVulnerableLab/tree/feature/jfrog-github-oidc-integration
Conversationhttps://github.com/pkng-learn/JavaVulnerableLab/pull/2
Commits24 (24)https://github.com/pkng-learn/JavaVulnerableLab/pull/2/commits
Checkshttps://github.com/pkng-learn/JavaVulnerableLab/pull/2/checks
Files changedhttps://github.com/pkng-learn/JavaVulnerableLab/pull/2/files
Add JFrog GitHub OIDC Integration Workflowhttps://github.com/pkng-learn/JavaVulnerableLab/pull/2#top
jfrog-app-for-github[bot]https://github.com/jfrog-app-for-github[bot]
masterhttps://github.com/pkng-learn/JavaVulnerableLab/tree/master
feature/jfrog-github-oidc-integrationhttps://github.com/pkng-learn/JavaVulnerableLab/tree/feature/jfrog-github-oidc-integration
https://github.com/apps/jfrog-app-for-github
jfrog-app-for-githubhttps://github.com/apps/jfrog-app-for-github
Jan 20, 2026https://github.com/pkng-learn/JavaVulnerableLab/pull/2#issue-3835074905
Please reload this pagehttps://github.com/pkng-learn/JavaVulnerableLab/pull/2
Add example workflow for GitHub OIDC integrationhttps://github.com/pkng-learn/JavaVulnerableLab/pull/2/commits/72422dc0a6ae2cd9b195da4c2ee07ed135048ab4
72422dchttps://github.com/pkng-learn/JavaVulnerableLab/pull/2/commits/72422dc0a6ae2cd9b195da4c2ee07ed135048ab4
https://github.com/cx-demo
cx-demohttps://github.com/cx-demo
Jan 20, 2026https://github.com/pkng-learn/JavaVulnerableLab/pull/2#event-22170109886
https://github.com/cx-demo
cx-demohttps://github.com/cx-demo
Jan 20, 2026https://github.com/pkng-learn/JavaVulnerableLab/pull/2#event-22170338430
cx-demohttps://github.com/cx-demo
January 21, 2026 03:32https://github.com/pkng-learn/JavaVulnerableLab/pull/2#commits-pushed-49cf3f6
https://github.com/cx-demo
add in jfrog scanhttps://github.com/pkng-learn/JavaVulnerableLab/pull/2/commits/49cf3f666bad481e92af3b194ae6f8e8a8469015
49cf3f6https://github.com/pkng-learn/JavaVulnerableLab/pull/2/commits/49cf3f666bad481e92af3b194ae6f8e8a8469015
https://github.com/cx-demo
update jf configurationhttps://github.com/pkng-learn/JavaVulnerableLab/pull/2/commits/7467da55ef7a60b2a422ef7f197f0fa414fb9d5c
7467da5https://github.com/pkng-learn/JavaVulnerableLab/pull/2/commits/7467da55ef7a60b2a422ef7f197f0fa414fb9d5c
https://github.com/cx-demo
downgrade mavenhttps://github.com/pkng-learn/JavaVulnerableLab/pull/2/commits/d3f19cdf5012f034d192e2ea27f9769bb8b6ed01
d3f19cdhttps://github.com/pkng-learn/JavaVulnerableLab/pull/2/commits/d3f19cdf5012f034d192e2ea27f9769bb8b6ed01
https://github.com/cx-demo
uncomment jf mvn-confighttps://github.com/pkng-learn/JavaVulnerableLab/pull/2/commits/558571af33bacfddc7a62e4fd718664baac6b036
558571ahttps://github.com/pkng-learn/JavaVulnerableLab/pull/2/commits/558571af33bacfddc7a62e4fd718664baac6b036
https://github.com/cx-demo
tryhttps://github.com/pkng-learn/JavaVulnerableLab/pull/2/commits/f2a511c05aaf49f7276aa32e8e9a1e246937b63b
f2a511chttps://github.com/pkng-learn/JavaVulnerableLab/pull/2/commits/f2a511c05aaf49f7276aa32e8e9a1e246937b63b
https://github.com/cx-demo
try native instead of wraphttps://github.com/pkng-learn/JavaVulnerableLab/pull/2/commits/3b573832be8e9a32fa8da7ece2c6bf57fbae537c
3b57383https://github.com/pkng-learn/JavaVulnerableLab/pull/2/commits/3b573832be8e9a32fa8da7ece2c6bf57fbae537c
https://github.com/cx-demo
update extensionhttps://github.com/pkng-learn/JavaVulnerableLab/pull/2/commits/189ec1e904c55b7fe1406156b4f5e610a9ad7fb1
189ec1ehttps://github.com/pkng-learn/JavaVulnerableLab/pull/2/commits/189ec1e904c55b7fe1406156b4f5e610a9ad7fb1
https://github.com/cx-demo
add uber classifierhttps://github.com/pkng-learn/JavaVulnerableLab/pull/2/commits/086f6ea883259ad8dcb84a43de2b7ef74096f3be
086f6eahttps://github.com/pkng-learn/JavaVulnerableLab/pull/2/commits/086f6ea883259ad8dcb84a43de2b7ef74096f3be
https://github.com/cx-demo
correct extensionshttps://github.com/pkng-learn/JavaVulnerableLab/pull/2/commits/0ede456f15327a517b8315b25107f2b2da3c0aba
0ede456https://github.com/pkng-learn/JavaVulnerableLab/pull/2/commits/0ede456f15327a517b8315b25107f2b2da3c0aba
https://github.com/cx-demo
update jfrog stepshttps://github.com/pkng-learn/JavaVulnerableLab/pull/2/commits/bd6fa719e416e57816e83255287fd5d7d10cd5fc
bd6fa71https://github.com/pkng-learn/JavaVulnerableLab/pull/2/commits/bd6fa719e416e57816e83255287fd5d7d10cd5fc
https://github.com/cx-demo
troubleshoothttps://github.com/pkng-learn/JavaVulnerableLab/pull/2/commits/6e088c629c5b5b3235c7d5e3904310bb56417b38
6e088c6https://github.com/pkng-learn/JavaVulnerableLab/pull/2/commits/6e088c629c5b5b3235c7d5e3904310bb56417b38
https://github.com/cx-demo
white spacehttps://github.com/pkng-learn/JavaVulnerableLab/pull/2/commits/42a717933e712fb5893a3d962d27bbd9d7c88a04
42a7179https://github.com/pkng-learn/JavaVulnerableLab/pull/2/commits/42a717933e712fb5893a3d962d27bbd9d7c88a04
https://github.com/cx-demo
update Maven command to deploy artifacts and publish build info to Ar…https://github.com/pkng-learn/JavaVulnerableLab/pull/2/commits/69ad6373d9e85e0937dea348a632affab13689c7
69ad637https://github.com/pkng-learn/JavaVulnerableLab/pull/2/commits/69ad6373d9e85e0937dea348a632affab13689c7
https://github.com/cx-demo
refactor Maven command for cleaner deployment and artifact publishinghttps://github.com/pkng-learn/JavaVulnerableLab/pull/2/commits/b44fdf11becd045a5e81022b804cf50083800aeb
b44fdf1https://github.com/pkng-learn/JavaVulnerableLab/pull/2/commits/b44fdf11becd045a5e81022b804cf50083800aeb
https://github.com/cx-demo
refactor JFrog CLI configuration for improved readability and add Son…https://github.com/pkng-learn/JavaVulnerableLab/pull/2/commits/4bf5c698ba8c3bbaadfe20b05070d3022ca7b34d
4bf5c69https://github.com/pkng-learn/JavaVulnerableLab/pull/2/commits/4bf5c698ba8c3bbaadfe20b05070d3022ca7b34d
https://github.com/cx-demo
enhance JFrog CLI integration by retrieving Dynamic Server ID for OID…https://github.com/pkng-learn/JavaVulnerableLab/pull/2/commits/2fc62b01eefd04927a49ce1c1b26fb418f62791d
2fc62b0https://github.com/pkng-learn/JavaVulnerableLab/pull/2/commits/2fc62b01eefd04927a49ce1c1b26fb418f62791d
https://github.com/cx-demo
refactor JFrog CLI integration to use environment variable for Server…https://github.com/pkng-learn/JavaVulnerableLab/pull/2/commits/808b7de72c06c370a727695bb7d69f5a09343504
808b7dehttps://github.com/pkng-learn/JavaVulnerableLab/pull/2/commits/808b7de72c06c370a727695bb7d69f5a09343504
https://github.com/cx-demo
refactor JFrog CLI integration to retrieve Server ID from generated s…https://github.com/pkng-learn/JavaVulnerableLab/pull/2/commits/a73120a8d7f380d51fd785ed82bccbb1ab765986
a73120ahttps://github.com/pkng-learn/JavaVulnerableLab/pull/2/commits/a73120a8d7f380d51fd785ed82bccbb1ab765986
https://github.com/cx-demo
refactor JFrog CLI configuration to generate standard settings.xml an…https://github.com/pkng-learn/JavaVulnerableLab/pull/2/commits/3cc71559b60fe4e7d5f433b874cb34e83c080301
3cc7155https://github.com/pkng-learn/JavaVulnerableLab/pull/2/commits/3cc71559b60fe4e7d5f433b874cb34e83c080301
https://github.com/cx-demo
refactor JFrog CLI configuration to streamline settings.xml generatio…https://github.com/pkng-learn/JavaVulnerableLab/pull/2/commits/f4203047ba76cbd1f0f929af02fbf4d04a28c334
f420304https://github.com/pkng-learn/JavaVulnerableLab/pull/2/commits/f4203047ba76cbd1f0f929af02fbf4d04a28c334
https://github.com/cx-demo
refactor Maven build process to extract OIDC credentials and streamli…https://github.com/pkng-learn/JavaVulnerableLab/pull/2/commits/cee9bf6b5b87aa60a03bb9bb8f2d782339d37ec5
cee9bf6https://github.com/pkng-learn/JavaVulnerableLab/pull/2/commits/cee9bf6b5b87aa60a03bb9bb8f2d782339d37ec5
https://github.com/cx-demo
refactor JFrog CLI integration to extract access token and streamline…https://github.com/pkng-learn/JavaVulnerableLab/pull/2/commits/94b3ace09cfa1e28621aeb4410111e7e8fd237a3
94b3acehttps://github.com/pkng-learn/JavaVulnerableLab/pull/2/commits/94b3ace09cfa1e28621aeb4410111e7e8fd237a3
https://github.com/cx-demo
refactor JFrog CLI integration to extract access token using the corr…https://github.com/pkng-learn/JavaVulnerableLab/pull/2/commits/ac48667fd5481cc73ca6040b8cff23a5f85408fa
ac48667https://github.com/pkng-learn/JavaVulnerableLab/pull/2/commits/ac48667fd5481cc73ca6040b8cff23a5f85408fa
https://github.com/apps/sonarqubecloud
sonarqubecloudhttps://github.com/apps/sonarqubecloud
Jan 20, 2026https://github.com/pkng-learn/JavaVulnerableLab/pull/2#issuecomment-3775474703
https://sonarcloud.io/dashboard?id=pkng-learn_JavaVulnerableLab&pullRequest=2
https://camo.githubusercontent.com/4fe73d190ee58e1cd813384cae342413435615102ab16a3fffc5c5ac2bb56044/68747470733a2f2f736f6e6172736f757263652e6769746875622e696f2f736f6e6172636c6f75642d6769746875622d7374617469632d7265736f75726365732f76322f636f6d6d6f6e2f6661696c65642d313670782e706e67
1 Security Hotspothttps://sonarcloud.io/project/security_hotspots?id=pkng-learn_JavaVulnerableLab&pullRequest=2&issueStatuses=OPEN,CONFIRMED&sinceLeakPeriod=true
See analysis details on SonarQube Cloudhttps://sonarcloud.io/dashboard?id=pkng-learn_JavaVulnerableLab&pullRequest=2
Please reload this pagehttps://github.com/pkng-learn/JavaVulnerableLab/pull/2
https://github.co/hiddenchars
https://github.com/pkng-learn/JavaVulnerableLab/pull/{{ revealButtonHref }}
Sign up for freehttps://github.com/join?source=comment-repo
Sign in to commenthttps://github.com/login?return_to=https%3A%2F%2Fgithub.com%2Fpkng-learn%2FJavaVulnerableLab%2Fpull%2F2
Please reload this pagehttps://github.com/pkng-learn/JavaVulnerableLab/pull/2
https://github.com/cx-demo
https://github.com
Termshttps://docs.github.com/site-policy/github-terms/github-terms-of-service
Privacyhttps://docs.github.com/site-policy/privacy-policies/github-privacy-statement
Securityhttps://github.com/security
Statushttps://www.githubstatus.com/
Communityhttps://github.community/
Docshttps://docs.github.com/
Contacthttps://support.github.com?tags=dotcom-footer

Viewport: width=device-width


URLs of crawlers that visited me.