[ http://issues.apache.org/jira/browse/BEANUTILS-112?page=all ]
Niall Pemberton updated BEANUTILS-112:
--------------------------------------
Bugzilla Id: (was: 35267)
Component/s: Bean-Collections
> [beanutils] defaultTransformers is public in BeanMap class
> ----------------------------------------------------------
>
> Key: BEANUTILS-112
> URL: http://issues.apache.org/jira/browse/BEANUTILS-112
> Project: Commons BeanUtils
> Issue Type: Bug
> Components: Bean-Collections
> Affects Versions: 1.6
> Environment: Operating System: other
> Platform: Other
> Reporter: Simon Kitching
> Fix For: 1.8.0
>
>
> The BeanMap class in the "optional" section has:
> public static HashMap defaultTransformers = new HashMap();
> I think this is a *really* bad idea.
> Firstly, because it's static, various parts of an application can interact in
> unexpected ways. For example, some library your code is calling might,
> unexpectedly, add a transformer to the default transformers causing surprising
> effects.
> That's even more interesting if the library (commons-collections or
> commons-beanutils) is deployed via a shared webapp in a container. In that
> case,
> one webapp can have side-effects on other webapps.
> And because it's a public member, there is no way to control access to this
> field.
> This class was in commons-collections since 1.0. It was copied into
> commons-beanutils before the 1.7.0 release, and deprecated in
> commons-collections.
> This class is only in the "optional" section, and is not used by the core
> beanutils code.
--
This message is automatically generated by JIRA.
-
If you think it was sent incorrectly contact one of the administrators:
http://issues.apache.org/jira/secure/Administrators.jspa
-
For more information on JIRA, see: http://www.atlassian.com/software/jira
---------------------------------------------------------------------
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
