Uploaded image for project: 'Jenkins'
  1. Jenkins
  2. JENKINS-48954

GitHub API plugin should whitelist Model classes of GitHub API

    XMLWordPrintable

    Details

    • Similar Issues:

      Description

      In some cases plugin classes are being used for serialization over the channel or storing data on the disk. E.g. JENKINS-48950 and JENKINS-48952. It is probably safe to just allow it for model classes.

        Attachments

          Issue Links

            Activity

            oleg_nenashev Oleg Nenashev created issue -
            oleg_nenashev Oleg Nenashev made changes -
            Field Original Value New Value
            Link This issue relates to JENKINS-48950 [ JENKINS-48950 ]
            oleg_nenashev Oleg Nenashev made changes -
            Link This issue relates to JENKINS-48952 [ JENKINS-48952 ]
            oleg_nenashev Oleg Nenashev made changes -
            Status Open [ 1 ] In Progress [ 3 ]
            Hide
            oleg_nenashev Oleg Nenashev added a comment -

            I do not think that whitelisting of entire library is plausible since there are potentially dangerous classes

            Show
            oleg_nenashev Oleg Nenashev added a comment - I do not think that whitelisting of entire library is plausible since there are potentially dangerous classes
            oleg_nenashev Oleg Nenashev made changes -
            Assignee Oleg Nenashev [ oleg_nenashev ]
            oleg_nenashev Oleg Nenashev made changes -
            Priority Minor [ 4 ] Critical [ 2 ]
            Hide
            oleg_nenashev Oleg Nenashev added a comment -

            Pending patch

            Show
            oleg_nenashev Oleg Nenashev added a comment - Pending patch
            oleg_nenashev Oleg Nenashev made changes -
            Remote Link This issue links to "https://github.com/jenkinsci/github-api-plugin/pull/18 (Web Link)" [ 19802 ]
            oleg_nenashev Oleg Nenashev made changes -
            Status In Progress [ 3 ] In Review [ 10005 ]
            Hide
            jglick Jesse Glick added a comment -

            I am not convinced this is even desirable.

            Show
            jglick Jesse Glick added a comment - I am not convinced this is even desirable.
            Hide
            oleg_nenashev Oleg Nenashev added a comment -

            I am working on workarounds in GHPRB for now, but will put patches just in case

            Show
            oleg_nenashev Oleg Nenashev added a comment - I am working on workarounds in GHPRB for now, but will put patches just in case
            Hide
            jglick Jesse Glick added a comment -

            From what I can see so far, no patched to github-api are necessary or desirable. We just need to fix ghprb.

            Show
            jglick Jesse Glick added a comment - From what I can see so far, no patched to github-api are necessary or desirable. We just need to fix ghprb .
            jglick Jesse Glick made changes -
            Labels jep-200 JEP-200
            Hide
            oleg_nenashev Oleg Nenashev added a comment -

            I agree

            Show
            oleg_nenashev Oleg Nenashev added a comment - I agree
            oleg_nenashev Oleg Nenashev made changes -
            Status In Review [ 10005 ] Resolved [ 5 ]
            Resolution Won't Do [ 10001 ]

              People

              • Assignee:
                oleg_nenashev Oleg Nenashev
                Reporter:
                oleg_nenashev Oleg Nenashev
              • Votes:
                0 Vote for this issue
                Watchers:
                2 Start watching this issue

                Dates

                • Created:
                  Updated:
                  Resolved: