# SECURITY-538
staticMethod groovy.json.JsonOutput toJson groovy.lang.Closure
staticMethod groovy.json.JsonOutput toJson java.lang.Object

# Reflective access to Groovy is too open-ended. Approve only specific GroovyObject subclass methods.
method groovy.lang.GroovyObject getMetaClass
method groovy.lang.GroovyObject getProperty java.lang.String
method groovy.lang.GroovyObject invokeMethod java.lang.String java.lang.Object
method groovy.lang.GroovyObject setMetaClass groovy.lang.MetaClass
method groovy.lang.GroovyObject setProperty java.lang.String java.lang.Object

# Variant of Jenkins.getInstance, see below.
staticMethod hudson.model.Hudson getInstance

# Up to no good…
staticMethod hudson.model.User current
staticMethod hudson.model.User get java.lang.String
staticMethod hudson.model.User get java.lang.String boolean
staticMethod hudson.model.User get java.lang.String boolean java.util.Map
staticMethod hudson.model.User getAll

# Raw file operations could be used to compromise the Jenkins controller.
staticMethod java.io.File createTempFile java.lang.String java.lang.String
staticMethod java.io.File createTempFile java.lang.String java.lang.String java.io.File
new java.io.File java.lang.String
new java.io.File java.lang.String java.lang.String
new java.io.File java.net.URI
staticMethod java.io.File listRoots
new java.io.FileInputStream java.lang.String
new java.io.FileOutputStream java.lang.String
new java.io.FileOutputStream java.lang.String boolean
new java.io.FileReader java.lang.String
new java.io.FileWriter java.lang.String
new java.io.FileWriter java.lang.String boolean
new java.io.PrintStream java.lang.String
new java.io.PrintStream java.lang.String java.lang.String
new java.io.PrintWriter java.lang.String
new java.io.PrintWriter java.lang.String java.lang.String
new java.io.RandomAccessFile java.lang.String java.lang.String

# No reflection!
method java.lang.Class getConstructor java.lang.Class[]
method java.lang.Class getConstructors
method java.lang.Class getDeclaredConstructor java.lang.Class[]
method java.lang.Class getDeclaredConstructors
method java.lang.Class getDeclaredField java.lang.String
method java.lang.Class getDeclaredFields
method java.lang.Class getDeclaredMethod java.lang.String java.lang.Class[]
method java.lang.Class getDeclaredMethods
method java.lang.Class getField java.lang.String
method java.lang.Class getFields
method java.lang.Class getMethod java.lang.String java.lang.Class[]
method java.lang.Class getMethods
method java.lang.Class getResource java.lang.String
method java.lang.Class getResourceAsStream java.lang.String
method java.lang.Class newInstance

# Same for local process execution.
staticMethod java.lang.Runtime getRuntime

# Duh.
staticMethod java.lang.System exit int

# Leak information.
staticMethod java.lang.System getProperties
staticMethod java.lang.System getProperty java.lang.String
staticMethod java.lang.System getProperty java.lang.String java.lang.String
staticMethod java.lang.System getenv
staticMethod java.lang.System getenv java.lang.String

# SECURITY-683 speculative approach to Spectre/Meltdown
staticMethod java.lang.System nanoTime

# Maybe could bypass other protections.
staticMethod java.lang.System setProperty java.lang.String java.lang.String

# Could be used to read local files.
method java.net.URL getContent
method java.net.URL getContent java.lang.Class[]
method java.net.URL openConnection
method java.net.URL openStream

# NIO file operations must start with a Path:
staticMethod java.nio.file.Paths get java.lang.String java.lang.String[]
staticMethod java.nio.file.Paths get java.net.URI

# Do not even get started…
staticMethod jenkins.model.Jenkins getInstance

# More process execution, Groovy-style:
staticMethod org.codehaus.groovy.runtime.DefaultGroovyMethods execute java.lang.String
staticMethod org.codehaus.groovy.runtime.DefaultGroovyMethods execute java.lang.String java.lang.String[] java.io.File
staticMethod org.codehaus.groovy.runtime.DefaultGroovyMethods execute java.lang.String java.util.List java.io.File
staticMethod org.codehaus.groovy.runtime.DefaultGroovyMethods execute java.lang.String[]
staticMethod org.codehaus.groovy.runtime.DefaultGroovyMethods execute java.lang.String[] java.lang.String[] java.io.File
staticMethod org.codehaus.groovy.runtime.DefaultGroovyMethods execute java.lang.String[] java.util.List java.io.File
staticMethod org.codehaus.groovy.runtime.DefaultGroovyMethods execute java.util.List
staticMethod org.codehaus.groovy.runtime.DefaultGroovyMethods execute java.util.List java.lang.String[] java.io.File
staticMethod org.codehaus.groovy.runtime.DefaultGroovyMethods execute java.util.List java.util.List java.io.File

# SECURITY-538
staticMethod org.codehaus.groovy.runtime.DefaultGroovyMethods getAt java.lang.Object java.lang.String
staticMethod org.codehaus.groovy.runtime.DefaultGroovyMethods getMetaPropertyValues java.lang.Object
staticMethod org.codehaus.groovy.runtime.DefaultGroovyMethods getProperties java.lang.Object
staticMethod org.codehaus.groovy.runtime.DefaultGroovyMethods putAt java.lang.Object java.lang.String java.lang.Object

# SECURITY-1353
staticMethod org.codehaus.groovy.runtime.ScriptBytecodeAdapter asType java.lang.Object java.lang.Class
staticMethod org.codehaus.groovy.runtime.ScriptBytecodeAdapter castToType java.lang.Object java.lang.Class

# TODO do we need a @Blacklisted annotation?
method org.jenkinsci.plugins.workflow.support.steps.build.RunWrapper getRawBuild

# SECURITY-1754
new org.kohsuke.groovy.sandbox.impl.Checker$SuperConstructorWrapper java.lang.Object[]
new org.kohsuke.groovy.sandbox.impl.Checker$ThisConstructorWrapper java.lang.Object[]
