Marcono1234
commented
10 months ago Related to https://github.com/frohoff/ysoserial/issues/10#issuecomment-1868298693, it seems Gradle Test Suites can also specify different JDK versions using toolchains, here is an example (not sure if this still works with the latest Gradle versions).
The advantage of Gradle toolchains is that Gradle takes care of downloading the JDK version if the user does not have it locally yet, so the user does not have to do this themselves.
However, assuming that some of the payloads require older unpatched JDKs, I don't know if it is possible or how easy it will be to obtain them using Gradle toolchains. And maybe that could also represent a security risk for the developer in case Gradle then uses those unpatched JDKs for other project builds as well since the major version requirement is satisfied.
So maybe it would be easier to just have the GitHub / Travis CI run with multiple JDK versions.
For running tests across different JDK versions to generate JDK/gadget support matrix, as well as executing generator/exploit(s). Probably something with Docker.