Hi guys, Are there any security concerns in leaving the default pom file(s) in meta-inf of generated jars for "commercial products"?
I find it useful to leave it there for troubleshooting purpose, thinking that there is not much security concerns but my peers are thinking otherwise. I would like to seek some advise/opinions on this topic. Cheers!
