Hi, IMO the change is almost mandatory for 2.3.0.
Please also see the discussion in "[myfaces core] don't deserialize ViewState-ID if state saving method is server". @Leo: Do you have time to refactor it? Otherwise i would reapply my patch but with "random" instead of "secureRandom". Thats fine for now. We can still refactor or improve the API later in 2.3.x or even in JSF.next. Regards, Thomas 2018-01-28 0:17 GMT+01:00 Paul Nicolucci <[email protected]>: > Hi, > > It looks like the only remaining item we have before we can deliver 2.3.0 > is : https://issues.apache.org/jira/browse/MYFACES-4133 > > @Leonardo/Thomas, has an acceptable fix been created? Can we deliver 2.3.0 > without a fix or is this mandatory? > > Thanks, > > Paul >
