Uploaded image for project: 'Jenkins'
  1. Jenkins
  2. JENKINS-46727

[JDK9] Illegal reflective access from pegdown plugin

    Details

    • Similar Issues:

      Description

      While exploring Jenkins 2.60.3 on Oracle Java 9 build 181 (pre-release), it reports illegal access exceptions and warns that a future release of Java 9 will forbid illegal access.

      A stack trace shows:

      WARNING: Illegal reflective access by org.parboiled.transform.AsmUtils to method java.lang.ClassLoader.findLoadedClass(java.lang.String)
              at org.parboiled.transform.AsmUtils.findLoadedClass(AsmUtils.java:198)
              at org.parboiled.transform.ParserTransformer.transformParser(ParserTransformer.java:35)
              at org.parboiled.Parboiled.createParser(Parboiled.java:54)
              at org.pegdown.PegDownProcessor.<init>(PegDownProcessor.java:48)
              at org.jenkins_ci.plugins.pegdown_formatter.impl.Formatter.markdownToHtml(Formatter.java:32)
              at org.jenkins_ci.plugins.pegdown_formatter.PegDownFormatter.translate(PegDownFormatter.java:95)
              at hudson.markup.MarkupFormatter.translate(MarkupFormatter.java:76)
              at org.apache.commons.jexl.util.introspection.UberspectImpl$VelMethodImpl.invoke(UberspectImpl.java:258)
              at org.apache.commons.jexl.parser.ASTMethod.execute(ASTMethod.java:104)
              at org.apache.commons.jexl.parser.ASTReference.execute(ASTReference.java:83)
              at org.apache.commons.jexl.parser.ASTReference.value(ASTReference.java:57)
              at org.apache.commons.jexl.parser.ASTExpression.value(ASTExpression.java:54)
              at org.apache.commons.jexl.parser.ASTTernaryNode.value(ASTTernaryNode.java:41)
              at org.apache.commons.jexl.parser.ASTExpression.value(ASTExpression.java:54)
              at org.apache.commons.jexl.parser.ASTExpressionExpression.value(ASTExpressionExpression.java:56)
              at org.apache.commons.jexl.ExpressionImpl.evaluate(ExpressionImpl.java:80)
              at hudson.ExpressionFactory2$JexlExpression.evaluate(ExpressionFactory2.java:74)
              at org.apache.commons.jelly.expression.ExpressionSupport.evaluateRecurse(ExpressionSupport.java:61)
              at org.apache.commons.jelly.expression.ExpressionSupport.evaluateAsString(ExpressionSupport.java:46)
              at org.apache.commons.jelly.tags.core.ExprTag.doTag(ExprTag.java:42)
              at org.apache.commons.jelly.impl.TagScript.run(TagScript.java:269)
              at org.kohsuke.stapler.jelly.ReallyStaticTagLibrary$1.run(ReallyStaticTagLibrary.java:99)
              at org.apache.commons.jelly.impl.ScriptBlock.run(ScriptBlock.java:95)
              at org.kohsuke.stapler.jelly.ReallyStaticTagLibrary$1.run(ReallyStaticTagLibrary.java:99)
              at org.apache.commons.jelly.impl.ScriptBlock.run(ScriptBlock.java:95)
              at org.apache.commons.jelly.tags.core.CoreTagLibrary$2.run(CoreTagLibrary.java:105)
              at org.kohsuke.stapler.jelly.CallTagLibScript.run(CallTagLibScript.java:120)
              at org.apache.commons.jelly.impl.ScriptBlock.run(ScriptBlock.java:95)
              at org.kohsuke.stapler.jelly.ReallyStaticTagLibrary$1.run(ReallyStaticTagLibrary.java:99)
              at org.apache.commons.jelly.TagSupport.invokeBody(TagSupport.java:161)
              at org.kohsuke.stapler.jelly.IncludeTag.doTag(IncludeTag.java:121)
              at org.apache.commons.jelly.impl.TagScript.run(TagScript.java:269)
      

        Attachments

          Activity

          Hide
          batmat Baptiste Mathus added a comment -
          Show
          batmat Baptiste Mathus added a comment - Related to https://github.com/sirthias/parboiled/issues/109 AIUI
          Hide
          markewaite Mark Waite added a comment -

          The pegdown plugin has known security issues that won't be fixed. If the maintainer is not fixing known security issues, they are unlikely to resolve warnings from the Java 11 runtime environment.

          Show
          markewaite Mark Waite added a comment - The pegdown plugin has known security issues that won't be fixed. If the maintainer is not fixing known security issues, they are unlikely to resolve warnings from the Java 11 runtime environment.

            People

            • Assignee:
              Unassigned
              Reporter:
              markewaite Mark Waite
            • Votes:
              0 Vote for this issue
              Watchers:
              2 Start watching this issue

              Dates

              • Created:
                Updated:
                Resolved: