[
https://issues.apache.org/jira/browse/SLING-12519?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=18011914#comment-18011914
]
Scott Yuan commented on SLING-12519:
------------------------------------
[~joerghoh] , thank you for raising SLING-12873. Removing the {{synchronized}}
statement from {{getNative()}} is definitely a simpler fix, given that its
current usage is single-threaded.
> Dangerous instance of double-checked locking used in
> wrapper/ScriptableBase.java
> --------------------------------------------------------------------------------
>
> Key: SLING-12519
> URL: https://issues.apache.org/jira/browse/SLING-12519
> Project: Sling
> Issue Type: Improvement
> Components: Scripting
> Affects Versions: Scripting JavaScript 3.1.4
> Reporter: Scott Yuan
> Priority: Major
> Attachments: image-2024-12-02-11-52-14-376.png
>
>
> When activating forked stream SonarQube testing, it was discovered that
> wrapper/ScriptableBase (line #49) uses an outdated and generally discouraged
> pattern known as double-checked locking. This practice is marked as
> potentially dangerous, as highlighted by SonarQube's rule S2168.
> !image-2024-12-02-11-52-14-376.png!
> To resolve this issue, replace the double-checked locking mechanism with
> method-level synchronization. This change will enhance the reliability of the
> Apache Sling Script JavaScript Support implementation.
--
This message was sent by Atlassian Jira
(v8.20.10#820010)
