[jenkinsci/script-security-plugin] d4e2e1: #252 was ineffective as soon as you started to act...

Liam Newman Thu, 30 May 2019 08:53:39 -0700

  Branch: refs/heads/master
  Home:   https://github.com/jenkinsci/script-security-plugin
  Commit: d4e2e1e0b71980b9bdd71b84f6f392e6b03c1eb0
      
https://github.com/jenkinsci/script-security-plugin/commit/d4e2e1e0b71980b9bdd71b84f6f392e6b03c1eb0
  Author: Jesse Glick <jgl...@cloudbees.com>
  Date:   2019-05-29 (Wed, 29 May 2019)


  Changed paths:
    M 
src/main/java/org/jenkinsci/plugins/scriptsecurity/sandbox/groovy/SandboxResolvingClassLoader.java

  Log Message:
  -----------
  #252 was ineffective as soon as you started to actually load classes from 
URLs; need to hold Class results weakly too.


  Commit: 7c93120390a47ba243e5c00f3cc112558434157b
      
https://github.com/jenkinsci/script-security-plugin/commit/7c93120390a47ba243e5c00f3cc112558434157b
  Author: Jesse Glick <jgl...@cloudbees.com>
  Date:   2019-05-29 (Wed, 29 May 2019)

  Changed paths:
    M 
src/main/java/org/jenkinsci/plugins/scriptsecurity/sandbox/groovy/SecureGroovyScript.java

  Log Message:
  -----------
  Porting 
https://github.com/jenkinsci/workflow-cps-plugin/commit/b7f7be1476c4c96c23de5a51a284ce0626c34423
 to SecureGroovyScript, and analyzing non-Groovy classes loaded from JARs too.


  Commit: a5c4467dd8ce1217318f82f8ecfca801dee305e5
      
https://github.com/jenkinsci/script-security-plugin/commit/a5c4467dd8ce1217318f82f8ecfca801dee305e5
  Author: Jesse Glick <jgl...@cloudbees.com>
  Date:   2019-05-29 (Wed, 29 May 2019)

  Changed paths:
    M 
src/test/java/org/jenkinsci/plugins/scriptsecurity/sandbox/groovy/GroovyMemoryLeakTest.java
    A 
src/test/resources/org/jenkinsci/plugins/scriptsecurity/sandbox/groovy/somejar.jar

  Log Message:
  -----------
  Strengthening test.


  Commit: 36d3b3a2a5b8561079cdccde53db85000dd40979
      
https://github.com/jenkinsci/script-security-plugin/commit/36d3b3a2a5b8561079cdccde53db85000dd40979
  Author: Jesse Glick <jgl...@cloudbees.com>
  Date:   2019-05-30 (Thu, 30 May 2019)

  Changed paths:
    M 
src/main/java/org/jenkinsci/plugins/scriptsecurity/sandbox/groovy/SandboxResolvingClassLoader.java

  Log Message:
  -----------
  @dwnusbaum notes that the patch can be simplified using weakValues.


  Commit: 1976ea5f35c0885976a78c29ec731a3b47a33e6e
      
https://github.com/jenkinsci/script-security-plugin/commit/1976ea5f35c0885976a78c29ec731a3b47a33e6e
  Author: Jesse Glick <jgl...@cloudbees.com>
  Date:   2019-05-30 (Thu, 30 May 2019)

  Changed paths:
    M 
src/main/java/org/jenkinsci/plugins/scriptsecurity/sandbox/groovy/SandboxResolvingClassLoader.java

  Log Message:
  -----------
  @dwnusbaum notes that Void.class may not be a safe marker value.


  Commit: c1fc0b3dd4593f891739a3c7ff8a68674801bb2c
      
https://github.com/jenkinsci/script-security-plugin/commit/c1fc0b3dd4593f891739a3c7ff8a68674801bb2c
  Author: Jesse Glick <jgl...@cloudbees.com>
  Date:   2019-05-30 (Thu, 30 May 2019)

  Changed paths:
    M 
src/main/java/org/jenkinsci/plugins/scriptsecurity/sandbox/groovy/SandboxResolvingClassLoader.java

  Log Message:
  -----------
  Update 
src/main/java/org/jenkinsci/plugins/scriptsecurity/sandbox/groovy/SandboxResolvingClassLoader.java

Co-Authored-By: Devin Nusbaum <dwnusb...@users.noreply.github.com>


  Commit: 926841e153785e6ff92503826b666fc672bee567
      
https://github.com/jenkinsci/script-security-plugin/commit/926841e153785e6ff92503826b666fc672bee567
  Author: Liam Newman <bitwise...@gmail.com>
  Date:   2019-05-30 (Thu, 30 May 2019)

  Changed paths:
    M 
src/main/java/org/jenkinsci/plugins/scriptsecurity/sandbox/groovy/SandboxResolvingClassLoader.java
    M 
src/main/java/org/jenkinsci/plugins/scriptsecurity/sandbox/groovy/SecureGroovyScript.java
    M 
src/test/java/org/jenkinsci/plugins/scriptsecurity/sandbox/groovy/GroovyMemoryLeakTest.java
    A 
src/test/resources/org/jenkinsci/plugins/scriptsecurity/sandbox/groovy/somejar.jar

  Log Message:
  -----------
  Merge pull request #253 from jglick/classpath-leak-redux

Classpath leak redux


Compare: 
https://github.com/jenkinsci/script-security-plugin/compare/386607c7bceb...926841e15378

-- 
You received this message because you are subscribed to the Google Groups 
"Jenkins Commits" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to jenkinsci-commits+unsubscr...@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/jenkinsci-commits/jenkinsci/script-security-plugin/push/refs/heads/master/386607-926841%40github.com.
For more options, visit https://groups.google.com/d/optout.

[jenkinsci/script-security-plugin] d4e2e1: #252 was ineffective as soon as you started to act...

Reply via email to