Uploaded image for project: 'Jenkins'
  1. Jenkins
  2. JENKINS-48950

JEP-200: GHPRB Plugin Fails Whitelist

    XMLWordPrintable

Details

    • Bug
    • Resolution: Fixed
    • Minor
    • ghprb-plugin
    • Jenkins 2.102

    Description

      The GitHub PR Builder plugin gets flagged after updating to 2.102 breaking automated PR jobs:

       

      WARNING: org.kohsuke.github.GHPullRequestCommitDetail$Authorship in file:/var/lib/jenkins/plugins/github-api/WEB-INF/lib/github-api-1.90.jar might be dangerous, so rejecting; see https://jenkins.io/redirect/class-filter/
Jan 15, 2018 1:55:20 PM jenkins.security.ClassFilterImpl lambda$isBlacklisted$1
WARNING: org.kohsuke.github.GHUser in file:/var/lib/jenkins/plugins/github-api/WEB-INF/lib/github-api-1.90.jar might be dangerous, so rejecting; see https://jenkins.io/redirect/class-filter/

       

      The mitigation technique worked by adding the class names to the Hudson classfilter:

      -Dhudson.remoting.ClassFilter=org.kohsuke.github.*

      ^ This doesn't actually work, would need to force all of the dependent classes individually here. In my case, the WARNING messages just didn't show up in the log until later than I expected and still resulted in the build.xml throwing the stack traces below when a job using the GHPRB was run.

       

      Attachments

        Issue Links

          is duplicated by

          Bug - A problem which impairs or prevents the functions of the product. JENKINS-48952 java.lang.RuntimeException: Failed to serialize hudson.model.Actionable

          • Blocker - Blocks development and/or testing work, production could not run.
          • Resolved

          Bug - A problem which impairs or prevents the functions of the product. JENKINS-51511 Build job serialization is failing on 2.107.3 LTS causing loss of data.

          • Major - Major loss of function.
          • Resolved

          Bug - A problem which impairs or prevents the functions of the product. JENKINS-51663 BuildNameSetter Plugin failing serialization

          • Major - Major loss of function.
          • Resolved
          is related to

          Bug - A problem which impairs or prevents the functions of the product. JENKINS-51511 Build job serialization is failing on 2.107.3 LTS causing loss of data.

          • Major - Major loss of function.
          • Resolved
          relates to

          Improvement - An improvement or enhancement to an existing feature or task. JENKINS-48954 GitHub API plugin should whitelist Model classes of GitHub API

          • Critical - Crashes, loss of data, severe memory leak.
          • Resolved

          Bug - A problem which impairs or prevents the functions of the product. JENKINS-49282 Caused by: java.lang.UnsupportedOperationException: Refusing to marshal org.kohsuke.github.GHRepository for security reasons;

          • Major - Major loss of function.
          • Resolved
          links to

          Web Link https://github.com/jenkinsci/github-api-plugin/pull/18

          Web Link PR 616

          Activity

            People

              jglick Jesse Glick
              sasquatch85 Jeremy Stewart
              Votes:
              0 Vote for this issue
              Watchers:
              6 Start watching this issue

              Dates

                Created:
                Updated:
                Resolved: