Thanks Baptiste, that's good to know (or not :( ). A bit of background, this is in regard to maintaining the poll-mailbox-trigger-plugin <https://github.com/jenkinsci/poll-mailbox-trigger-plugin/tree/SUPPORT_JENKINS_2.7.1_LTS> - I'll add it to the following list of "Plugins affected by fix for SECURITY-170 <https://wiki.jenkins-ci.org/display/JENKINS/Plugins+affected+by+fix+for+SECURITY-170> ".
*As the plugin maintainer, can I inject variables programmatically, as environment variables instead?* OR should I advise users to do one of the following: - explicitly add parameters to their jobs? - define a -Dhudson.model.ParametersAction.safeParameters=FOO,BAR property? - define a -Dhudson.model.ParametersAction.keepUndefinedParameters=true property? Kind regards, Nick On Thursday, 4 August 2016 05:30:24 UTC+10, Baptiste Mathus wrote: > > It won't work as of SECURITY-170. > > See > https://wiki.jenkins-ci.org/display/SECURITY/Jenkins+Security+Advisory+2016-05-11 > > for details. > > Can't you list all of those parameters with some left undefined depending > on the build? > > Cheers > > Le 3 août 2016 8:54 PM, "Nick Grealy" <[email protected] <javascript:>> > a écrit : > >> Ok, what happens when the parameter names are dynamic (ie. Not known in >> advance)? >> >> Should I be using environment variables instead? (How do I add them >> programmatically?) >> >> Thanks >> >> -- >> You received this message because you are subscribed to the Google Groups >> "Jenkins Developers" group. >> To unsubscribe from this group and stop receiving emails from it, send an >> email to [email protected] <javascript:>. >> To view this discussion on the web visit >> https://groups.google.com/d/msgid/jenkinsci-dev/9274c1af-eaff-40b6-bb09-cefbb83fbbdf%40googlegroups.com >> . >> For more options, visit https://groups.google.com/d/optout. >> > -- You received this message because you are subscribed to the Google Groups "Jenkins Developers" group. To unsubscribe from this group and stop receiving emails from it, send an email to [email protected]. To view this discussion on the web visit https://groups.google.com/d/msgid/jenkinsci-dev/73ef890d-6490-40d9-8cca-24194f8db2fe%40googlegroups.com. For more options, visit https://groups.google.com/d/optout.
