Uploaded image for project: 'Jenkins'
  1. Jenkins
  2. JENKINS-44424

CLONE - Whitelist Groovy stripIndent method from String for sandbox

XMLWordPrintable

      Hi,

      All string immutable functions should be whitelisted, I just found that stripIndent() is not usable in pipeline, I saw many other bug requests requesting specific methods. Can you please go over methods of string and open up all immutable harmless ones?

      Thanks!

          [JENKINS-44424] CLONE - Whitelist Groovy stripIndent method from String for sandbox

          Alon Bar-Lev created issue -
          Alon Bar-Lev made changes -
          Description Original: I get the following error when trying to pipeline build:

          org.jenkinsci.plugins.scriptsecurity.sandbox.RejectedAccessException: Scripts not permitted to use staticMethod org.codehaus.groovy.runtime.DefaultGroovyMethods capitalize java.lang.String

          It's triggered by the code in my pipeline definition:

             def branchToBuild = "${env.JOB_NAME}".tokenize('-').last()
             def dockerTaskBranch = branchToBuild.capitalize()

          The capitalize method should be safe enough to call from the sandbox
          		 New: Hi,

          All string immutable functions should be whitelisted, I just found that stripIndent() is not usable in pipeline, I saw many other bug requests requesting specific methods. Can you please go over methods of string and open up all immutable harmless ones?

          Thanks!
          Jesse Glick made changes -
          Resolution New: Duplicate [ 3 ]
          Status Original: Open [ 1 ] New: Resolved [ 5 ]

            vjuranek vjuranek
            alonbl Alon Bar-Lev
            Votes:
            0 Vote for this issue
            Watchers:
            2 Start watching this issue

              Created:
              Updated:
              Resolved: