PRQA Plugin is affected by JEP-200 in Jenkins 2.102+

XMLWordPrintable

    • Type: Bug
    • Resolution: Fixed
    • Priority: Blocker
    • Component/s: prqa-plugin
    • Environment:
      Jenkins 2.102+

      During the code inspections for JEP-200 I have discovered that the plugin is most likely affected by this security hardening in the Jenkins core.

      • Plugin uses PRQAComplianceStatus in MasterToSlaveCallable operations
      • This class comes from an external library without a "Jenkins-ClassFilter-Whitelisted" manifest entry
      • In Jenkins 2.102+ such classes will be blacklisted unless a workaround is applied

      You can find more guidelines for plugin developers in this blogpost: https://jenkins.io/blog/2018/01/13/jep-200/#for-plugin-developers. Please let us know if you need any additional info or reviews regarding this issue.

            Assignee:
            Marcos Bento
            Reporter:
            Oleg Nenashev
            Votes:
            0 Vote for this issue
            Watchers:
            4 Start watching this issue

              Created:
              Updated:
              Resolved: