On Fri, 21 May 2021 15:58:15 GMT, Chris Hegarty <[email protected]> wrote:
>> Roger Riggs has updated the pull request incrementally with one additional >> commit since the last revision: >> >> Simplify factory interface to BinaryOperator<ObjectInputFilter> and >> cleanup the example > > src/java.base/share/classes/java/io/ObjectInputFilter.java line 56: > >> 54: * </strong></p> >> 55: * >> 56: * <p>To protect the JVM against deserialization vulnerabilities, >> application developers > > I would personally drop "the JVM", leaving "To protect against > deserialization ..", since the protection is applicable to more than the JVM > ( applications, libraries, etc). There's a terminology push and pull about what to call everything in the java runtime. Some use the term system, a few use JVM, etc. The terminology here came from the JEP. In this context is it unnecessary. ------------- PR: https://git.openjdk.java.net/jdk/pull/3996
