-
Bug
-
Resolution: Fixed
-
Major
-
-
Pipeline - July/August
I have a custom class which I am using inside of some groovy functions with a list of custom methods. When I use that custom class inside of a script needed to be approved by script security it is being transformed differently than expected.
When I try to do a for loop through an array and do `i++` it is being translated as i.next() instead of adding 1 and then when I am calling the creator method `def $ITEM` it is being created as a hashmap. Neither of those methods exists inside of my custom class so it is throwing errors like `No signature of method X.next()` and `unclassified new X java.util.LinkedHashMap`
I would either like to get more visibility about hot the translation is happening or potentially have other default method calls.
Let me know if I can provide more context here.
- is duplicated by
-
JENKINS-46194 Numeric increment operator does not work in a closure in an sandbox
-
- Closed
-
- links to
I've got a minimal reproduction with script-security 1.29:
Passed through the sandbox, you get org.jenkinsci.plugins.scriptsecurity.sandbox.RejectedAccessException: Scripts not permitted to use method groovy.lang.GroovyObject invokeMethod java.lang.String java.lang.Object (Script1 next). This only happens when you've got the for (...) loop inside the .each loop, so there's something going wrong there specifically.