From ccf57d7138ef48ba07ca93f5ae6e6118590716fd Mon Sep 17 00:00:00 2001 From: Arpan Chakraborty Date: Sun, 15 Mar 2026 01:37:17 +0530 Subject: [PATCH 1/5] Fix resource leak: wrap GroovyClassLoader in try-with-resources --- .../java/hudson/plugins/emailext/ExtendedEmailPublisher.java | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/src/main/java/hudson/plugins/emailext/ExtendedEmailPublisher.java b/src/main/java/hudson/plugins/emailext/ExtendedEmailPublisher.java index 193971f7..95adb1f9 100644 --- a/src/main/java/hudson/plugins/emailext/ExtendedEmailPublisher.java +++ b/src/main/java/hudson/plugins/emailext/ExtendedEmailPublisher.java @@ -857,7 +857,7 @@ private ClassLoader expandClasspath(ExtendedEmailPublisherContext context, Class boolean useSecurity = Jenkins.get().isUseSecurity(); if (!classpathList.isEmpty()) { - GroovyClassLoader gloader = new GroovyClassLoader(loader); + try (GroovyClassLoader gloader = new GroovyClassLoader(loader)) { gloader.setShouldRecompile(true); for (ClasspathEntry entry : classpathList) { if (useSecurity) { @@ -866,6 +866,7 @@ private ClassLoader expandClasspath(ExtendedEmailPublisherContext context, Class gloader.addURL(entry.getURL()); } loader = gloader; + } } if (useSecurity) { return GroovySandbox.createSecureClassLoader(loader); From 905624c8e40b5ed8229110027fb823a280361bbf Mon Sep 17 00:00:00 2001 From: Arpan Chakraborty Date: Sun, 15 Mar 2026 11:10:21 +0530 Subject: [PATCH 2/5] fix: apply spotless formatting --- .gitignore | Bin 143 -> 157 bytes .../emailext/ExtendedEmailPublisher.java | 14 +++++++------- 2 files changed, 7 insertions(+), 7 deletions(-) diff --git a/.gitignore b/.gitignore index 63188ef58ae840893abeaedcfc7796830ae335e4..91d18d0a58dc9813a6f007302f1a5b8e25c963ed 100644 GIT binary patch delta 27 icmeBYoXa?&Q$&xUjG>qznIWGcg&~zepMjTwiva*%H3d`v delta 13 UcmbQs*v~kjlTAM Date: Mon, 16 Mar 2026 21:24:48 +0530 Subject: [PATCH 3/5] Apply spotless formatting --- .vscode/settings.json | 3 +++ .../emailext/ExtendedEmailPublisher.java | 19 +++++++++---------- .../hudson/plugins/emailext/MailAccount.java | 2 +- 3 files changed, 13 insertions(+), 11 deletions(-) create mode 100644 .vscode/settings.json diff --git a/.vscode/settings.json b/.vscode/settings.json new file mode 100644 index 00000000..7b016a89 --- /dev/null +++ b/.vscode/settings.json @@ -0,0 +1,3 @@ +{ + "java.compile.nullAnalysis.mode": "automatic" +} \ No newline at end of file diff --git a/src/main/java/hudson/plugins/emailext/ExtendedEmailPublisher.java b/src/main/java/hudson/plugins/emailext/ExtendedEmailPublisher.java index ab05de9b..9aa93a89 100644 --- a/src/main/java/hudson/plugins/emailext/ExtendedEmailPublisher.java +++ b/src/main/java/hudson/plugins/emailext/ExtendedEmailPublisher.java @@ -857,17 +857,16 @@ private ClassLoader expandClasspath(ExtendedEmailPublisherContext context, Class boolean useSecurity = Jenkins.get().isUseSecurity(); if (!classpathList.isEmpty()) { - try (GroovyClassLoader gloader = new GroovyClassLoader(loader)) { - gloader.setShouldRecompile(true); - for (ClasspathEntry entry : classpathList) { - if (useSecurity) { - ScriptApproval.get().using(entry); - } - gloader.addURL(entry.getURL()); - } - loader = gloader; - } + try (GroovyClassLoader gloader = new GroovyClassLoader(loader)) { + gloader.setShouldRecompile(true); + for (ClasspathEntry entry : classpathList) { + if (useSecurity) { + ScriptApproval.get().using(entry); } + gloader.addURL(entry.getURL()); + } + loader = gloader; +} if (useSecurity) { return GroovySandbox.createSecureClassLoader(loader); } else { diff --git a/src/main/java/hudson/plugins/emailext/MailAccount.java b/src/main/java/hudson/plugins/emailext/MailAccount.java index bfb4e4e1..384b58b6 100644 --- a/src/main/java/hudson/plugins/emailext/MailAccount.java +++ b/src/main/java/hudson/plugins/emailext/MailAccount.java @@ -170,7 +170,7 @@ public FormValidation doCheckCredentialsId( if (CredentialsProvider.listCredentials( StandardUsernamePasswordCredentials.class, item, - item instanceof Queue.Task t ? Tasks.getAuthenticationOf(t) : ACL.SYSTEM, + item instanceof Queue.Task t ? Tasks.getAuthenticationOf2(t) : ACL.SYSTEM2, null, CredentialsMatchers.withId(value)) .isEmpty()) { From 6ba51fca8e112f83a56f4407720930123dd40e27 Mon Sep 17 00:00:00 2001 From: Arpan Chakraborty Date: Mon, 16 Mar 2026 22:16:44 +0530 Subject: [PATCH 4/5] Fix indentation in try-with-resources block --- .../emailext/ExtendedEmailPublisher.java | 21 ++++++++++--------- 1 file changed, 11 insertions(+), 10 deletions(-) diff --git a/src/main/java/hudson/plugins/emailext/ExtendedEmailPublisher.java b/src/main/java/hudson/plugins/emailext/ExtendedEmailPublisher.java index 9aa93a89..4ac1cd1d 100644 --- a/src/main/java/hudson/plugins/emailext/ExtendedEmailPublisher.java +++ b/src/main/java/hudson/plugins/emailext/ExtendedEmailPublisher.java @@ -856,17 +856,18 @@ private ClassLoader expandClasspath(ExtendedEmailPublisherContext context, Class } boolean useSecurity = Jenkins.get().isUseSecurity(); - if (!classpathList.isEmpty()) { - try (GroovyClassLoader gloader = new GroovyClassLoader(loader)) { - gloader.setShouldRecompile(true); - for (ClasspathEntry entry : classpathList) { - if (useSecurity) { - ScriptApproval.get().using(entry); + if (!classpathList.isEmpty()) { + try (GroovyClassLoader gloader = new GroovyClassLoader(loader)) { + gloader.setShouldRecompile(true); + for (ClasspathEntry entry : classpathList) { + if (useSecurity) { + ScriptApproval.get().using(entry); + } + gloader.addURL(entry.getURL()); + } + loader = gloader; + } } - gloader.addURL(entry.getURL()); - } - loader = gloader; -} if (useSecurity) { return GroovySandbox.createSecureClassLoader(loader); } else { From 3835b9be29bd37ea871e4e8233f3197f02c49c73 Mon Sep 17 00:00:00 2001 From: Arpan Chakraborty Date: Tue, 17 Mar 2026 14:03:12 +0530 Subject: [PATCH 5/5] fix: Replace deprecated ACL.SYSTEM with ACL.SYSTEM2 in migrateCredentials() --- src/main/java/hudson/plugins/emailext/MailAccount.java | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/src/main/java/hudson/plugins/emailext/MailAccount.java b/src/main/java/hudson/plugins/emailext/MailAccount.java index 384b58b6..ff6a4a87 100644 --- a/src/main/java/hudson/plugins/emailext/MailAccount.java +++ b/src/main/java/hudson/plugins/emailext/MailAccount.java @@ -170,7 +170,7 @@ public FormValidation doCheckCredentialsId( if (CredentialsProvider.listCredentials( StandardUsernamePasswordCredentials.class, item, - item instanceof Queue.Task t ? Tasks.getAuthenticationOf2(t) : ACL.SYSTEM2, + item instanceof Queue.Task t ? Tasks.getAuthenticationOf2(t) : ACL.SYSTEM2, null, CredentialsMatchers.withId(value)) .isEmpty()) { @@ -310,7 +310,7 @@ private void migrateCredentials() { } final List credentials = CredentialsMatchers.filter( CredentialsProvider.lookupCredentials( - StandardUsernamePasswordCredentials.class, Jenkins.get(), ACL.SYSTEM, domainRequirement), + StandardUsernamePasswordCredentials.class, Jenkins.get(), ACL.SYSTEM2, domainRequirement), CredentialsMatchers.withUsername(smtpUsername)); for (final StandardUsernamePasswordCredentials cred : credentials) { if (smtpPassword.getPlainText().equals(Secret.toString(cred.getPassword()))) {