Branch: refs/heads/master
Home: https://github.com/jenkinsci/script-security-plugin
Commit: d5c1c6004645e86e9f6fcfc982df01c68881fd9c
https://github.com/jenkinsci/script-security-plugin/commit/d5c1c6004645e86e9f6fcfc982df01c68881fd9c
Author: Devin Nusbaum <[email protected]>
Date: 2020-05-11 (Mon, 11 May 2020)
Changed paths:
M
src/main/java/org/jenkinsci/plugins/scriptsecurity/sandbox/whitelists/EnumeratingWhitelist.java
M
src/main/resources/org/jenkinsci/plugins/scriptsecurity/sandbox/whitelists/jenkins-whitelist
M
src/test/java/org/jenkinsci/plugins/scriptsecurity/sandbox/whitelists/EnumeratingWhitelistTest.java
Log Message:
-----------
[JENKINS-42214] Check for instance vs static fields in FieldSignature.exists
and StaticFieldSignature.exists
Commit: 7c523373cd0017a11e03ae050d6629c97ccd62b9
https://github.com/jenkinsci/script-security-plugin/commit/7c523373cd0017a11e03ae050d6629c97ccd62b9
Author: Devin Nusbaum <[email protected]>
Date: 2022-10-18 (Tue, 18 Oct 2022)
Changed paths:
A .github/dependabot.yml
A .github/release-drafter.yml
A .github/workflows/cd.yaml
M .mvn/extensions.xml
M .mvn/maven.config
M CHANGELOG.md
M Jenkinsfile
M README.md
M pom.xml
M
src/main/java/org/jenkinsci/plugins/scriptsecurity/sandbox/RejectedAccessException.java
M src/main/java/org/jenkinsci/plugins/scriptsecurity/sandbox/Whitelist.java
M
src/main/java/org/jenkinsci/plugins/scriptsecurity/sandbox/groovy/ClassLoaderWhitelist.java
M
src/main/java/org/jenkinsci/plugins/scriptsecurity/sandbox/groovy/GroovyCallSiteSelector.java
M
src/main/java/org/jenkinsci/plugins/scriptsecurity/sandbox/groovy/GroovySandbox.java
M
src/main/java/org/jenkinsci/plugins/scriptsecurity/sandbox/groovy/RejectASTTransformsCustomizer.java
M
src/main/java/org/jenkinsci/plugins/scriptsecurity/sandbox/groovy/SandboxInterceptor.java
M
src/main/java/org/jenkinsci/plugins/scriptsecurity/sandbox/groovy/SecureGroovyScript.java
M
src/main/java/org/jenkinsci/plugins/scriptsecurity/sandbox/whitelists/AnnotatedWhitelist.java
M
src/main/java/org/jenkinsci/plugins/scriptsecurity/sandbox/whitelists/EnumeratingWhitelist.java
M
src/main/java/org/jenkinsci/plugins/scriptsecurity/sandbox/whitelists/ProxyWhitelist.java
M
src/main/java/org/jenkinsci/plugins/scriptsecurity/sandbox/whitelists/StaticWhitelist.java
M
src/main/java/org/jenkinsci/plugins/scriptsecurity/scripts/ApprovalContext.java
M
src/main/java/org/jenkinsci/plugins/scriptsecurity/scripts/ClasspathEntry.java
M src/main/java/org/jenkinsci/plugins/scriptsecurity/scripts/Language.java
M
src/main/java/org/jenkinsci/plugins/scriptsecurity/scripts/ScriptApproval.java
M
src/main/java/org/jenkinsci/plugins/scriptsecurity/scripts/ScriptApprovalLink.java
M
src/main/java/org/jenkinsci/plugins/scriptsecurity/scripts/ScriptApprovalNote.java
M
src/main/resources/org/jenkinsci/plugins/scriptsecurity/sandbox/groovy/SecureGroovyScript/config.jelly
M
src/main/resources/org/jenkinsci/plugins/scriptsecurity/sandbox/whitelists/blacklist
M
src/main/resources/org/jenkinsci/plugins/scriptsecurity/sandbox/whitelists/generic-whitelist
M
src/main/resources/org/jenkinsci/plugins/scriptsecurity/sandbox/whitelists/jenkins-whitelist
M
src/main/resources/org/jenkinsci/plugins/scriptsecurity/scripts/ClasspathEntry/config.jelly
A
src/main/resources/org/jenkinsci/plugins/scriptsecurity/scripts/ClasspathEntry/resources.js
M
src/main/resources/org/jenkinsci/plugins/scriptsecurity/scripts/ScriptApproval/index.jelly
M
src/test/java/org/jenkinsci/plugins/scriptsecurity/sandbox/groovy/GroovyCallSiteSelectorTest.java
M
src/test/java/org/jenkinsci/plugins/scriptsecurity/sandbox/groovy/SandboxInterceptorTest.java
M
src/test/java/org/jenkinsci/plugins/scriptsecurity/sandbox/groovy/SandboxResolvingClassLoaderTest.java
M
src/test/java/org/jenkinsci/plugins/scriptsecurity/sandbox/groovy/SecureGroovyScriptTest.java
M
src/test/java/org/jenkinsci/plugins/scriptsecurity/sandbox/groovy/TestGroovyRecorder.java
M
src/test/java/org/jenkinsci/plugins/scriptsecurity/sandbox/whitelists/EnumeratingWhitelistTest.java
M
src/test/java/org/jenkinsci/plugins/scriptsecurity/sandbox/whitelists/ProxyWhitelistTest.java
M
src/test/java/org/jenkinsci/plugins/scriptsecurity/sandbox/whitelists/StaticWhitelistTest.java
M
src/test/java/org/jenkinsci/plugins/scriptsecurity/scripts/AbstractApprovalTest.java
M
src/test/java/org/jenkinsci/plugins/scriptsecurity/scripts/ClasspathEntryTest.java
M
src/test/java/org/jenkinsci/plugins/scriptsecurity/scripts/EntryApprovalTest.java
M src/test/java/org/jenkinsci/plugins/scriptsecurity/scripts/JcascTest.java
M src/test/java/org/jenkinsci/plugins/scriptsecurity/scripts/Manager.java
M
src/test/java/org/jenkinsci/plugins/scriptsecurity/scripts/ScriptApprovalNoteTest.java
M
src/test/java/org/jenkinsci/plugins/scriptsecurity/scripts/ScriptApprovalTest.java
M
src/test/resources/org/jenkinsci/plugins/scriptsecurity/scripts/ScriptApprovalTest/upgradeSmokes/scriptApproval.xml
M
src/test/resources/org/jenkinsci/plugins/scriptsecurity/scripts/smoke_test.yaml
M
src/test/resources/org/jenkinsci/plugins/scriptsecurity/scripts/smoke_test_expected.yaml
Log Message:
-----------
Merge branch 'master' into JENKINS-42214
Commit: d2f327503fe9b5ce8deedea039bbaeffc3953785
https://github.com/jenkinsci/script-security-plugin/commit/d2f327503fe9b5ce8deedea039bbaeffc3953785
Author: Devin Nusbaum <[email protected]>
Date: 2022-10-18 (Tue, 18 Oct 2022)
Changed paths:
M
src/test/java/org/jenkinsci/plugins/scriptsecurity/sandbox/groovy/SandboxInterceptorTest.java
Log Message:
-----------
Do not silently drop instances of GroovyRuntimeException with causes other
than RejectedAccessException in assertRejected
Commit: 5599ed7d3f7e1f538ad79bebe1833532b96e2210
https://github.com/jenkinsci/script-security-plugin/commit/5599ed7d3f7e1f538ad79bebe1833532b96e2210
Author: Devin Nusbaum <[email protected]>
Date: 2022-10-18 (Tue, 18 Oct 2022)
Changed paths:
M
src/main/java/org/jenkinsci/plugins/scriptsecurity/sandbox/groovy/SandboxInterceptor.java
M
src/test/java/org/jenkinsci/plugins/scriptsecurity/sandbox/groovy/SandboxInterceptorTest.java
Log Message:
-----------
SandboxInterceptor must account for static members being accessed via object
instances instead of class references
Commit: 0ca3e6d00ab00241cf051103616336cbf07c0fdf
https://github.com/jenkinsci/script-security-plugin/commit/0ca3e6d00ab00241cf051103616336cbf07c0fdf
Author: Devin Nusbaum <[email protected]>
Date: 2022-10-19 (Wed, 19 Oct 2022)
Changed paths:
M
src/test/java/org/jenkinsci/plugins/scriptsecurity/sandbox/groovy/SandboxInterceptorTest.java
Log Message:
-----------
Add issue reference to new test
Commit: 4778ea49209b5bd39132986156a3d026cb7e60cb
https://github.com/jenkinsci/script-security-plugin/commit/4778ea49209b5bd39132986156a3d026cb7e60cb
Author: Devin Nusbaum <[email protected]>
Date: 2022-10-20 (Thu, 20 Oct 2022)
Changed paths:
M pom.xml
M
src/test/java/org/jenkinsci/plugins/scriptsecurity/sandbox/groovy/SandboxInterceptorTest.java
Log Message:
-----------
Merge branch 'master' into JENKINS-42214
Commit: 9ea1ee236027a4d7436d7f03b00923f1cbd19aea
https://github.com/jenkinsci/script-security-plugin/commit/9ea1ee236027a4d7436d7f03b00923f1cbd19aea
Author: Jesse Glick <[email protected]>
Date: 2022-11-15 (Tue, 15 Nov 2022)
Changed paths:
M Jenkinsfile
M pom.xml
M
src/main/java/org/jenkinsci/plugins/scriptsecurity/sandbox/groovy/GroovySandbox.java
M
src/main/java/org/jenkinsci/plugins/scriptsecurity/scripts/ScriptApproval.java
M
src/main/resources/org/jenkinsci/plugins/scriptsecurity/scripts/ScriptApproval/index.jelly
M
src/test/java/org/jenkinsci/plugins/scriptsecurity/scripts/EntryApprovalTest.java
A
src/test/java/org/jenkinsci/plugins/scriptsecurity/scripts/HasherScriptApprovalTest.java
M src/test/java/org/jenkinsci/plugins/scriptsecurity/scripts/JcascTest.java
Log Message:
-----------
Merge branch 'master' into JENKINS-42214
Commit: f0ea59e148998da5edbe0791f57511d7e5ee4961
https://github.com/jenkinsci/script-security-plugin/commit/f0ea59e148998da5edbe0791f57511d7e5ee4961
Author: Jesse Glick <[email protected]>
Date: 2022-11-16 (Wed, 16 Nov 2022)
Changed paths:
M pom.xml
M
src/main/java/org/jenkinsci/plugins/scriptsecurity/sandbox/groovy/GroovyCallSiteSelector.java
M
src/main/java/org/jenkinsci/plugins/scriptsecurity/sandbox/groovy/SandboxInterceptor.java
M
src/main/java/org/jenkinsci/plugins/scriptsecurity/sandbox/groovy/SecureGroovyScript.java
M
src/main/java/org/jenkinsci/plugins/scriptsecurity/sandbox/whitelists/EnumeratingWhitelist.java
M
src/main/java/org/jenkinsci/plugins/scriptsecurity/scripts/ScriptApproval.java
M
src/test/java/org/jenkinsci/plugins/scriptsecurity/sandbox/groovy/GroovyCallSiteSelectorTest.java
M
src/test/java/org/jenkinsci/plugins/scriptsecurity/sandbox/groovy/SandboxInterceptorTest.java
M
src/test/java/org/jenkinsci/plugins/scriptsecurity/sandbox/groovy/SandboxResolvingClassLoaderTest.java
M
src/test/java/org/jenkinsci/plugins/scriptsecurity/sandbox/groovy/SecureGroovyScriptTest.java
M
src/test/java/org/jenkinsci/plugins/scriptsecurity/sandbox/whitelists/ProxyWhitelistTest.java
M
src/test/java/org/jenkinsci/plugins/scriptsecurity/sandbox/whitelists/StaticWhitelistTest.java
M src/test/java/org/jenkinsci/plugins/scriptsecurity/scripts/JcascTest.java
M src/test/java/org/jenkinsci/plugins/scriptsecurity/scripts/Manager.java
Log Message:
-----------
Merge branch 'master' into JENKINS-42214
Commit: 39ca7f7ed0ace95844ed2a991efd250c477e1b4a
https://github.com/jenkinsci/script-security-plugin/commit/39ca7f7ed0ace95844ed2a991efd250c477e1b4a
Author: Jesse Glick <[email protected]>
Date: 2022-11-16 (Wed, 16 Nov 2022)
Changed paths:
M
src/main/java/org/jenkinsci/plugins/scriptsecurity/sandbox/groovy/SandboxInterceptor.java
M
src/main/java/org/jenkinsci/plugins/scriptsecurity/sandbox/whitelists/EnumeratingWhitelist.java
M
src/main/resources/org/jenkinsci/plugins/scriptsecurity/sandbox/whitelists/jenkins-whitelist
M
src/test/java/org/jenkinsci/plugins/scriptsecurity/sandbox/groovy/SandboxInterceptorTest.java
M
src/test/java/org/jenkinsci/plugins/scriptsecurity/sandbox/whitelists/EnumeratingWhitelistTest.java
Log Message:
-----------
Merge pull request #298 from dwnusbaum/JENKINS-42214
[JENKINS-42214] SandboxInterceptor must account for static members being
accessed via objects instead of class references
Compare:
https://github.com/jenkinsci/script-security-plugin/compare/50b005db19db...39ca7f7ed0ac
--
You received this message because you are subscribed to the Google Groups
"Jenkins Commits" group.
To unsubscribe from this group and stop receiving emails from it, send an email
to [email protected].
To view this discussion on the web visit
https://groups.google.com/d/msgid/jenkinsci-commits/jenkinsci/script-security-plugin/push/refs/heads/master/50b005-39ca7f%40github.com.
