CloudBees, Inc.

CloudBees Template Plugin 4.0-beta-8

New Features

None

Resolved issues

Major

[RM-1600] Tightened security of Groovy/Jelly transformers (and JEXL computed attributes). You can either run a script in a sandbox (and then an administrator can use a link from Manage Jenkins to approve legitimate API usages), or ask an administrator to approve the whole script. (The sandbox option is available only for Groovy.) Documentation: http://docs-latest.apps.cloudbees.com/docs/user-guide-bundle/template-sect-security.html

Minor

serializeOption was broken in 1.483+ for classes defined in plugins.

Minor

[ZD-13975] When deciding whether a template name needs disambiguation, consider shadowing by displayName, not name.

Known issues

Major

See issues in beta 1.

Major

Security system is not polished yet. When creating a job fails due to a security failure, in Jenkins prior to 1.541 a stack trace is printed. Initial whitelist for sandbox is very small and typical scripts will need many entries added. UI-based management of approvals is limited (for example you cannot yet edit existing whitelist grants). Formal documentation not yet available.