Loading...

This issue is archived. You can view it, but you can't modify it. Learn more

XML

Word

Printable

Type: Bug
Resolution: Fixed
Priority: Major
Component/s: permissive-script-security-plugin, script-security-plugin, workflow-cps-plugin
Labels:
Environment:
Jenkins 2.164.2
Script Security 1.58
Permissive Script Security 0.3
Pipeline: Groovy 2.67

Released As:
0.5

After updating to Script Security 1.58 permissive script security no longer permits unsafe method calls. I have -Dpermissive-script-security.enabled=no_security set up in the java args, and before upgrading to 1.58 I was receiving no warnings/errors when calling unsafe methods as expected. After upgrading I see many warnings in my pipeline log, such as:

Scripts not permitted to use staticMethod org.jenkinsci.plugins.workflow.cps.Safepoint safepoint. Administrators can decide whether to approve or reject this signature.

- - Sort By Name
  - Sort By Date
  - Ascending
  - Descending
  - Thumbnails
  - List
  - Download All

example.JPG
2019-05-14 11:27
234 kB
Andrea Lai
scriptApproval.xml
2019-05-14 11:33
5 kB
Andrea Lai

causes

JENKINS-59227 Global Pipeline Libraries configuration lost

Open

is caused by

JENKINS-34973 RejectedAccessException thrown but no pending script approval added

Resolved

is related to

JENKINS-59145 After Jenkins upgrade pipeline script from SCM configuration is no longer visible on the GUI

Resolved

Assignee:: Oliver Gondža
Reporter:: Gabriel Loewen

Created:: 2019-04-24 17:05
Updated:: 2025-12-07 18:06
Resolved:: 2019-05-23 12:18
Archived:: 2025-12-07 18:06

Details

Description

Attachments

Attachments

Issue Links

Activity

People

Dates