Re: sec-170: What need plugins to do to declare vars they provide?

> On May 13, 2016, at 01:33, Jesse Glick wrote: > > Just set variables according to a `Cause` or similar. > > -- > You received this message because you are subscribed to a topic in the Google > Groups "Jenkins Developers" group. > To unsubscribe from this topic, visit

Re: sec-170: What need plugins to do to declare vars they provide?

Just set variables according to a `Cause` or similar. -- You received this message because you are subscribed to the Google Groups "Jenkins Developers" group. To unsubscribe from this group and stop receiving emails from it, send an email to jenkinsci-dev+unsubscr...@googlegroups.com. To view

Re: sec-170: What need plugins to do to declare vars they provide?

EnvironmentContributor is the worst thing for trigger plugins imho. Trigger plugins injecting known and safe named variables, they should never be filtered out from job variables. Hiding vars for already setuped envs sounds like a disaster. On Thursday, May 12, 2016 at 5:54:26 PM UTC+3, Daniel

Re: sec-170: What need plugins to do to declare vars they provide?

> On 12.05.2016, at 16:47, Robert Sandell wrote: > > But at the same time I need to get a fix out for my users. I fear that early implementations to handle this new restriction will be heavily copy/pasted. So even if you intend to switch to a different approach as

Re: sec-170: What need plugins to do to declare vars they provide?

On Thu, May 12, 2016 at 3:52 PM, Daniel Beck wrote: > > > On 12.05.2016, at 15:08, Robert Sandell wrote: > > > > System.setProperty("hudson.model.ParametersAction.safeParameters", > existing + "MY,OWN") > > seems like a valid option without breaking

Re: sec-170: What need plugins to do to declare vars they provide?

> On 12.05.2016, at 15:08, Robert Sandell wrote: > > System.setProperty("hudson.model.ParametersAction.safeParameters", existing + > "MY,OWN") > seems like a valid option without breaking anything to me? May just be me, but this looks like a clear abuse of the escape

Re: sec-170: What need plugins to do to declare vars they provide?

On Thu, May 12, 2016 at 2:33 PM, Daniel Beck wrote: > > > On 12.05.2016, at 11:03, Robert Sandell wrote: > > > > so I'm going to try to hack my way to adding to the safeParameters field > instead > > Are you trying to force me into removing it? >

Re: sec-170: What need plugins to do to declare vars they provide?

> On 12.05.2016, at 10:48, 'Björn Pedersen' via Jenkins Developers > wrote: > > Since sec-170 all unknown variables will get dropped. What needs to be done > in a plugin to correctly declare the vars they provide? My blog post mentions a few options towards

Re: sec-170: What need plugins to do to declare vars they provide?

> On 12.05.2016, at 11:03, Robert Sandell wrote: > > so I'm going to try to hack my way to adding to the safeParameters field > instead Are you trying to force me into removing it? -- You received this message because you are subscribed to the Google Groups "Jenkins

Re: sec-170: What need plugins to do to declare vars they provide?

One alternative is to implement and EnvironmentContributor, one example here https://github.com/jenkinsci/ghprb-plugin/pull/336 If I'm reading the code correctly on ParametersAction the above alternative would still print nasty warnings in the Jenkins log though, so I'm going to try to hack my

sec-170: What need plugins to do to declare vars they provide?

Hi, Since sec-170 all unknown variables will get dropped. What needs to be done in a plugin to correctly declare the vars they provide? Björn -- You received this message because you are subscribed to the Google Groups "Jenkins Developers" group. To unsubscribe from this group and stop