Branch: refs/heads/JENKINS-28586
Home: https://github.com/jenkinsci/script-security-plugin
Commit: 662ded007f1adc146190f7b94ab6be7487edd877
https://github.com/jenkinsci/script-security-plugin/commit/662ded007f1adc146190f7b94ab6be7487edd877
Author: Kohsuke Kawaguchi <k...@kohsuke.org>
Date: 2015-05-26 (Tue, 26 May 2015)
Changed paths:
M
src/main/resources/org/jenkinsci/plugins/scriptsecurity/sandbox/whitelists/generic-whitelist
M
src/test/java/org/jenkinsci/plugins/scriptsecurity/sandbox/groovy/SandboxInterceptorTest.java
Log Message:
-----------
[JENKINS-28586] A test case as the baseline.
Commit: 5b4f6f915264ddcd1070cf44d0382f569316c4b0
https://github.com/jenkinsci/script-security-plugin/commit/5b4f6f915264ddcd1070cf44d0382f569316c4b0
Author: Kohsuke Kawaguchi <k...@kohsuke.org>
Date: 2015-05-26 (Tue, 26 May 2015)
Changed paths:
A
src/main/java/org/jenkinsci/plugins/scriptsecurity/sandbox/groovy/ClosureSupport.java
M
src/main/java/org/jenkinsci/plugins/scriptsecurity/sandbox/groovy/SandboxInterceptor.java
M
src/main/resources/org/jenkinsci/plugins/scriptsecurity/sandbox/whitelists/generic-whitelist
M
src/test/java/org/jenkinsci/plugins/scriptsecurity/sandbox/groovy/SandboxInterceptorTest.java
Log Message:
-----------
[JENKINS-28586] Figure out the target of Closure method call
To be able to use closures safely, figure out where closures are
forwarding method calls and property accesses, then check access at
that point.
Ideally, a logic like this should live in its own Whitelist, something
like ClosureWhitelist for better readability. But as it stands now,
JENKINS-28586 prevents me from doing that.
Compare:
https://github.com/jenkinsci/script-security-plugin/compare/662ded007f1a^...5b4f6f915264
--
You received this message because you are subscribed to the Google Groups
"Jenkins Commits" group.
To unsubscribe from this group and stop receiving emails from it, send an email
to jenkinsci-commits+unsubscr...@googlegroups.com.
For more options, visit https://groups.google.com/d/optout.
