Hi, [ERROR] Failed to deserialize response to UserRequest:com.abc.jenkins.plugins.xyz.pqr.vuw@494947d9: java.lang.SecurityException: Rejected: groovy.lang.Closure; see https://jenkins.io/redirect/class-filter/
I got the above error while building mixed groovy-java project in jenkins. As mentioned in https://jenkins.io/blog/2018/01/13/jep-200/ --> "If the class(es) are defined in a third-party library bundled in your plugin, create a resource file *META-INF/hudson.remoting.ClassFilter* listing them. (example <https://github.com/jenkinsci/workflow-support-plugin/pull/50/files>)" I added the *hudson.remoting.ClassFilter* file with the following content: *groovy.lang.Closure* Though my build was successful after adding this fix but I am not sure about how safe it is to do this. Security concerns? So my question is, will the above fix whitelist all the *groovy.lang.Closure* or just the *groovy.lang.Closure* in my project. In short what is the scope of *hudson.remoting.ClassFilter*? -- You received this message because you are subscribed to the Google Groups "Jenkins Developers" group. To unsubscribe from this group and stop receiving emails from it, send an email to [email protected]. To view this discussion on the web visit https://groups.google.com/d/msgid/jenkinsci-dev/25db4a48-988c-4997-b730-e8a561290176%40googlegroups.com. For more options, visit https://groups.google.com/d/optout.
