baisui1981 commented on pull request #17521: URL: https://github.com/apache/flink/pull/17521#issuecomment-963767164
> I'm sorry, but that implementation sounds really unsafe and will only work for the simplest of use-cases. Let's say you have 2 of your plugin jars that both bundle the same dependency with incompatible version (let's say guava), and said dependency is used by the user (e.g., because it is exposed in the API of the connector). > > It's now a coin toss as to whether the correct guava version will be loaded. @zentol ,I must admit that this situation exists, but whether this is a security consideration can be left to the `Flink Developer` to judge? And i believe that this kind of problem can be circumvented by some means For flink, all need to do is to add an `Extension Point`. When the user does not extend this `Extension Point`, it has no effect on flink. -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: [email protected] For queries about this service, please contact Infrastructure at: [email protected]
