I just added vars/getFile.groovy to my Jenkins global library as follows: String call(name) { new java.io.File(name) } this Then I tried to invoke it from a Jenkinsfile (e.g. "echo getFile('/tmp').getAbsolutePath()") and received the error "org.jenkinsci.plugins.scriptsecurity.sandbox.RejectedAccessException: Scripts not permitted to use new java.io.File java.lang.String" with this stack trace: org.jenkinsci.plugins.scriptsecurity.sandbox.RejectedAccessException: Scripts not permitted to use new java.io.File java.lang.String at org.jenkinsci.plugins.scriptsecurity.sandbox.whitelists.StaticWhitelist.rejectNew(StaticWhitelist.java:185) at org.jenkinsci.plugins.scriptsecurity.sandbox.groovy.SandboxInterceptor.onNewInstance(SandboxInterceptor.java:130) at org.kohsuke.groovy.sandbox.impl.Checker$3.call(Checker.java:191) at org.kohsuke.groovy.sandbox.impl.Checker.checkedConstructor(Checker.java:188) at com.cloudbees.groovy.cps.sandbox.SandboxInvoker.constructorCall(SandboxInvoker.java:19) etc... When I look at the script approval UI I see "new java.io.File java.lang.String Approving this signature may introduce a security vulnerability! You are advised to deny it." Am I missing something? It seems to me that the sandbox applies to the global library plugin at https://github.com/jenkinsci/workflow-cps-global-lib-plugin. |