Uploaded image for project: 'Jenkins'
  1. Jenkins
  2. JENKINS-48954

GitHub API plugin should whitelist Model classes of GitHub API

    XMLWordPrintable

    Details

    • Similar Issues:

      Description

      In some cases plugin classes are being used for serialization over the channel or storing data on the disk. E.g. JENKINS-48950 and JENKINS-48952. It is probably safe to just allow it for model classes.

        Attachments

          Issue Links

            Activity

            Hide
            oleg_nenashev Oleg Nenashev added a comment -

            I agree

            Show
            oleg_nenashev Oleg Nenashev added a comment - I agree
            Hide
            jglick Jesse Glick added a comment -

            From what I can see so far, no patched to github-api are necessary or desirable. We just need to fix ghprb.

            Show
            jglick Jesse Glick added a comment - From what I can see so far, no patched to github-api are necessary or desirable. We just need to fix ghprb .
            Hide
            oleg_nenashev Oleg Nenashev added a comment -

            I am working on workarounds in GHPRB for now, but will put patches just in case

            Show
            oleg_nenashev Oleg Nenashev added a comment - I am working on workarounds in GHPRB for now, but will put patches just in case
            Hide
            jglick Jesse Glick added a comment -

            I am not convinced this is even desirable.

            Show
            jglick Jesse Glick added a comment - I am not convinced this is even desirable.
            Hide
            oleg_nenashev Oleg Nenashev added a comment -

            Pending patch

            Show
            oleg_nenashev Oleg Nenashev added a comment - Pending patch
            Hide
            oleg_nenashev Oleg Nenashev added a comment -

            I do not think that whitelisting of entire library is plausible since there are potentially dangerous classes

            Show
            oleg_nenashev Oleg Nenashev added a comment - I do not think that whitelisting of entire library is plausible since there are potentially dangerous classes

              People

              • Assignee:
                oleg_nenashev Oleg Nenashev
                Reporter:
                oleg_nenashev Oleg Nenashev
              • Votes:
                0 Vote for this issue
                Watchers:
                2 Start watching this issue

                Dates

                • Created:
                  Updated:
                  Resolved: