-
-
Notifications
You must be signed in to change notification settings - Fork 8.9k
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Allow all immutable List subclasses from Java 11 #10026
base: master
Are you sure you want to change the base?
Conversation
Yay, your first pull request towards Jenkins core was created successfully! Thank you so much! |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
seems ok, do you have a specific need for them though?
@jglick / @dwnusbaum any opinion? |
I used it recently in the Scriptler plugin, which is how I came across this. By only having And then while I was here, I also thought that adding the |
/label ready-for-merge This PR is now ready for merge, after ~24 hours, we will merge it if there's no negative feedback. Thanks! |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
-0 I guess. It is not a security threat, but neither is it necessary: jenkinsci/scriptler-plugin#134 (review)
Most of the classes listed in the whitelist were there not because they should be serialized but because they were being serialized by some plugin at the time https://jenkins.io/jep/200 was developed, and it was simpler to allow the class temporarily than to wait for a plugin release removing the usage. New code should only use simple types like ArrayList
. Always look at your actual config.xml
serial form.
Why should something like In terms of the serialized forms, that's currently fair: using an <parameters>
<org.jenkinsci.plugins.scriptler.config.Parameter>
<name>test</name>
<value>value1</value>
</org.jenkinsci.plugins.scriptler.config.Parameter>
</parameters> while using <parameters class="java.util.ImmutableCollections$List12" resolves-to="java.util.CollSer" serialization="custom">
<java.util.CollSer>
<default>
<tag>1</tag>
</default>
<int>1</int>
<org.jenkinsci.plugins.scriptler.config.Parameter>
<name>test</name>
<value>value</value>
</org.jenkinsci.plugins.scriptler.config.Parameter>
</java.util.CollSer>
</parameters> which appears to be because it implements custom serialization methods. But I would argue that the second form should be improved (if possible) rather than always preferring the first form. |
Core could get additional custom XStream converters if necessary. But it is not necessary: the field in an XStream-serialized class should always use the plainest collection possible types—generally A |
I think I see why I would still argue that we should probably add |
A previous commit specifically allowed one of the two subclasses used by `List.of` and `List.copyOf`, but not the other, which can result in unexpected errors and bugs. Add the other to the default allow list of classes to avoid these.
517c7b8
to
fc4a567
Compare
I've pushed a new commit and updated the PR description to reflect that we're only allowing immutable |
As a rule, nothing should ever be added to this whitelist ever again. The damage has already been partially done in this case so this PR is more a matter of completing the mistake. No plugin code should be written which relies on it.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Mostly harmless.
This PR is now ready for merge. We will merge it after approximately 24 hours if there is no negative feedback. /label ready-for-merge |
A previous commit specifically allowed one of the two subclasses used by
List.of
andList.copyOf
, but not the other, which can result in unexpected errors and bugs. Add the other to the default allow list of classes to avoid these.Testing done
None.
Proposed changelog entries
Proposed upgrade guidelines
N/A
Submitter checklist
Desired reviewers
N/A
Before the changes are marked as
ready-for-merge
:Maintainer checklist