uschindler commented on pull request #551: URL: https://github.com/apache/lucene/pull/551#issuecomment-998859332
> bq. This is by the way the same like JDK does it. > > The JDK doesn't have any runtime checks for this, I believe - it's shifted to the module system to verify accessibility: https://github.com/openjdk/jdk/blob/master/src/java.base/share/classes/jdk/internal/access/SharedSecrets.java Sure I was imprecise. In Java 8 they have this check. The difference: JDK 11 is always encapsulated, but lucene can be used with classpath and people will do this forever, trust me. So I will add a PR to add this, it's so simple and brings security. Trust me people will always use those methods and here they clearly should never ever do this. -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: [email protected] For queries about this service, please contact Infrastructure at: [email protected] --------------------------------------------------------------------- To unsubscribe, e-mail: [email protected] For additional commands, e-mail: [email protected]
