Uploaded image for project: 'Jenkins'
  1. Jenkins
  2. JENKINS-48954

GitHub API plugin should whitelist Model classes of GitHub API

    XMLWordPrintable

Details

    Description

      In some cases plugin classes are being used for serialization over the channel or storing data on the disk. E.g. JENKINS-48950 and JENKINS-48952. It is probably safe to just allow it for model classes.

      Attachments

        Issue Links

          relates to

          Bug - A problem which impairs or prevents the functions of the product. JENKINS-48952 java.lang.RuntimeException: Failed to serialize hudson.model.Actionable

          • Blocker - Blocks development and/or testing work, production could not run.
          • Resolved

          Bug - A problem which impairs or prevents the functions of the product. JENKINS-48950 JEP-200: GHPRB Plugin Fails Whitelist

          • Minor - Minor loss of function, or other problem where easy workaround is present.
          • Resolved
          links to

          Web Link https://github.com/jenkinsci/github-api-plugin/pull/18

          Activity

            Ascending order - Click to sort in descending order
            oleg_nenashev Oleg Nenashev added a comment -

            I do not think that whitelisting of entire library is plausible since there are potentially dangerous classes

            oleg_nenashev Oleg Nenashev added a comment - I do not think that whitelisting of entire library is plausible since there are potentially dangerous classes
            oleg_nenashev Oleg Nenashev added a comment -

            Pending patch

            oleg_nenashev Oleg Nenashev added a comment - Pending patch
            jglick Jesse Glick added a comment -

            I am not convinced this is even desirable.

            jglick Jesse Glick added a comment - I am not convinced this is even desirable.
            oleg_nenashev Oleg Nenashev added a comment -

            I am working on workarounds in GHPRB for now, but will put patches just in case

            oleg_nenashev Oleg Nenashev added a comment - I am working on workarounds in GHPRB for now, but will put patches just in case
            jglick Jesse Glick added a comment -

            From what I can see so far, no patched to github-api are necessary or desirable. We just need to fix ghprb.

            jglick Jesse Glick added a comment - From what I can see so far, no patched to github-api are necessary or desirable. We just need to fix ghprb .
            oleg_nenashev Oleg Nenashev added a comment -

            I agree

            oleg_nenashev Oleg Nenashev added a comment - I agree

            People

              oleg_nenashev Oleg Nenashev
              oleg_nenashev Oleg Nenashev
              Votes:
              0 Vote for this issue
              Watchers:
              2 Start watching this issue

              Dates

                Created:
                Updated:
                Resolved: