Skip to content

jenkinsci/groovy-sandbox

master
Switch branches/tags

Name already in use

A tag already exists with the provided branch name. Many Git commands accept both tag and branch names, so creating this branch may cause unexpected behavior. Are you sure you want to create this branch?
4 branches 32 tags
Code

Latest commit

 

Git stats

Files

Permalink
Failed to load latest commit information.
Type
Name
Latest commit message
Commit time
.github
 
 
.mvn
 
 
src
 
 
.gitignore
 
 
Jenkinsfile
 
 
LICENSE.md
 
 
README.md
 
 
ast.sh
 
 
pom.xml
 
 

README.md

groovy-sandbox

WARNING This library is only maintained in the context of Jenkins, and should only be used as a dependency of Jenkins plugins such as Script Security Plugin and Pipeline: Groovy Plugin. It should be considered deprecated and unsafe for all other purposes.

This library provides a compile-time transformer to run Groovy code in an environment in which most operations, such as method calls, are intercepted before being executed. Consumers of the library can hook into the interception to allow or deny specific operations.

This library is not secure when used by itself. In particular, you must at least use an additional CompilationCustomizer along the lines of RejectASTTransformsCustomizer to reject AST transformations that can bypass the sandbox, and you need to take special care to ensure untrusted scripts are both parsed and executed inside of the sandbox.

About

(Deprecated) Compile-time transformer to run Groovy code in a restrictive sandbox

Topics

jenkins groovy sandbox

Resources

Readme

License

MIT license

Code of conduct

Code of conduct

Security policy

Security policy
Activity

Stars

120 stars

Watchers

111 watching

Forks

60 forks
Report repository

Releases

32 tags

Packages

No packages published

Contributors 12

Languages