> On Dec 13, 2021, at 2:24 PM, Owen DeLong <o...@delong.com> wrote:
>
> The bigger problem seems to be the ever growing list of products you may be
> using which depend on it potentially without your knowledge.
This isn’t a new problem.
This is an great modern example showing how deeply embedded things could be,
and they get worse with each of these nesting technologies as well, it may be
embedded in a docker or VM image, or the class could be in some other JAR or
zip you are not aware of, or could come back with an overlapping class
definition based on the order things get loaded.
The same was always true with shared libraries and too-generic function names.
It’s such a blast from the past as I had felt we had moved past many of these
interpreted environment or parser things by properly encoding strings with a
function.
I’m really amazed at how widespread this is and what enterprise applications
have had to get patched due to them embedding this software.
- jared
