[
https://issues.apache.org/jira/browse/IO-758?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=17465237#comment-17465237
]
Gary D. Gregory commented on IO-758:
------------------------------------
Sounds good.
> Add factory method as replacement for PathUtils.NOFOLLOW_LINK_OPTION_ARRAY
> --------------------------------------------------------------------------
>
> Key: IO-758
> URL: https://issues.apache.org/jira/browse/IO-758
> Project: Commons IO
> Issue Type: Improvement
> Components: Utilities
> Affects Versions: 2.11.0
> Reporter: Marcono1234
> Priority: Minor
>
> The public static field
> {{org.apache.commons.io.file.PathUtils.NOFOLLOW_LINK_OPTION_ARRAY}} has as
> value a non-empty array.
> This is error-prone because by accident (or intentionally by malicious code)
> the element of the array could be replaced, which could cause completely
> unrelated parts of an application to malfunction.
> See also SonarSource rule
> [RSPEC-2386|https://rules.sonarsource.com/java/RSPEC-2386].
> It would be good to instead add a static factory method which creates a new
> array every time and to mark the {{NOFOLLOW_LINK_OPTION_ARRAY}} field as
> deprecated (for removal?).
--
This message was sent by Atlassian Jira
(v8.20.1#820001)
