Uploaded image for project: 'Jenkins'
  1. Jenkins
  2. JENKINS-50990

Security exception in GitChangelogStep (JEP-200)

XMLWordPrintable

    • Icon: Bug Bug
    • Resolution: Fixed
    • Icon: Major Major
    • git-changelog-plugin
    • Jira 2.107.2
      git-changelog 2.2

      Seems JEP-200 hit

      Pipeline fragment:
      def changes = gitChangelog returnType: 'CONTEXT',
      from: [type: 'REF', value: env.GERRIT_BRANCH /*env.GIT_PREVIOUS_COMMIT*/],
      to: [type: 'COMMIT', value: env.GERRIT_PATCHSET_REVISION /*env.GIT__COMMIT*/],
      jira: [issuePattern: 'XXX-([0-9]+)
      b', password: '', server: '', username: '']

      Output:
      java.lang.SecurityException: Rejected: se.bjurr.gitchangelog.api.model.Changelog; see https://jenkins.io/redirect/class-filter/
      at hudson.remoting.ClassFilter.check(ClassFilter.java:76)
      at hudson.remoting.MultiClassLoaderSerializer$Input.resolveClass(MultiClassLoaderSerializer.java:129)
      at java.io.ObjectInputStream.readNonProxyDesc(ObjectInputStream.java:1859)
      at java.io.ObjectInputStream.readClassDesc(ObjectInputStream.java:1745)
      at java.io.ObjectInputStream.readOrdinaryObject(ObjectInputStream.java:2033)
      at java.io.ObjectInputStream.readObject0(ObjectInputStream.java:1567)
      at java.io.ObjectInputStream.readObject(ObjectInputStream.java:427)
      at hudson.remoting.UserRequest.deserialize(UserRequest.java:277)
      at hudson.remoting.UserResponse.retrieve(UserRequest.java:310)
      at hudson.remoting.Channel.call(Channel.java:952)
      Caused: java.io.IOException: Failed to deserialize response to UserRequest:org.jenkinsci.plugins.gitchangelog.steps.GitChangelogStep$1$1@6c04f8e1
      at hudson.remoting.Channel.call(Channel.java:960)
      at hudson.FilePath.act(FilePath.java:1093)
      at org.jenkinsci.plugins.gitchangelog.steps.GitChangelogStep$1.run(GitChangelogStep.java:329)
      at org.jenkinsci.plugins.workflow.steps.SynchronousNonBlockingStepExecution$1$1.call(SynchronousNonBlockingStepExecution.java:49)
      at hudson.security.ACL.impersonate(ACL.java:290)
      at org.jenkinsci.plugins.workflow.steps.SynchronousNonBlockingStepExecution$1.run(SynchronousNonBlockingStepExecution.java:46)
      at java.util.concurrent.Executors$RunnableAdapter.call(Executors.java:511)
      at java.util.concurrent.FutureTask.run(FutureTask.java:266)
      at java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1149)
      at java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:624)
      at java.lang.Thread.run(Thread.java:748)
      Finished: FAILURE

            tomasbjerre Tomas Bjerre
            egorse Sergey Egorov
            Votes:
            0 Vote for this issue
            Watchers:
            4 Start watching this issue

              Created:
              Updated:
              Resolved: