Skip to content
/ groovy-sandbox Public
forked from jenkinsci/groovy-sandbox

Compile-time transformer to run Groovy code in a restrictive sandbox

groovy-sandbox.kohsuke.org/

License

MIT license
0 stars 61 forks Branches Tags Activity
Star
Notifications You must be signed in to change notification settings

riptano/groovy-sandbox

BranchesTags
 
 

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

186 Commits
src
src
 
 
.gitignore
.gitignore
 
 
Jenkinsfile
Jenkinsfile
 
 
LICENSE.md
LICENSE.md
 
 
README.md
README.md
 
 
ast.sh
ast.sh
 
 
pom.xml
pom.xml
 
 

Repository files navigation

groovy-sandbox

Compile-time transformer to run Groovy code in a restrictive sandbox. Executes untrusted Groovy script safely.

Documentation.

Maven dependency

<dependency>
    <groupId>org.kohsuke</groupId>
    <artifactId>groovy-sandbox</artifactId>
    <version>1.6</version>
</dependency>

Usage

A good example can be found here. This is a simple test that always expects a SecurityException:

class Test {
    static class DenyAll extends GroovyValueFilter {
        Object filter(Object o) { throw new SecurityException('Denied!') }
    }
    @Test(expected = SecurityException)
    void testScript() {
        final sh = new GroovyShell(new CompilerConfiguration()
                .addCompilationCustomizers(new SandboxTransformer()))
        new DenyAll().register()
        sh.evaluate('println hi')
    }
}

About

Compile-time transformer to run Groovy code in a restrictive sandbox

groovy-sandbox.kohsuke.org/

Resources

Readme

License

MIT license
Activity
Custom properties

Stars

0 stars

Watchers

7 watching

Forks

1 fork
Report repository

Releases

16 tags

Packages

No packages published

Languages

  • Java 75.7%
  • Groovy 24.2%
  • Shell 0.1%