Github user rakeshadr commented on a diff in the pull request:
https://github.com/apache/zookeeper/pull/232#discussion_r117658709
--- Diff: src/java/main/org/apache/zookeeper/ZooDefs.java ---
@@ -96,21 +97,20 @@
/**
* This is a completely open ACL .
*/
- public final ArrayList<ACL> OPEN_ACL_UNSAFE = new ArrayList<ACL>(
- Collections.singletonList(new ACL(Perms.ALL,
ANYONE_ID_UNSAFE)));
+ public final List<ACL> OPEN_ACL_UNSAFE =
--- End diff --
@afine , Its touching an exposed API and changing to List will impact b/w
compatibility. Could you please follow the branch-3.5 fix like adding an
exclude entry in `findbugsExcludeFile.xml`,
```
<!-- Disable 'Malicious code vulnerability warnings' due to mutable
collection types in interface.
Undo this when ZOOKEEPER-1362 is done. -->
<Match>
<Class name="org.apache.zookeeper.ZooDefs$Ids"/>
<Bug pattern="MS_MUTABLE_COLLECTION" />
</Match>
```
API doc referenece http://zookeeper.apache.org/doc/r3.4.10/api/
Also, please read the discussions in
https://issues.apache.org/jira/browse/ZOOKEEPER-1362
---
If your project is set up for it, you can reply to this email and have your
reply appear on GitHub as well. If your project does not have this feature
enabled and wishes so, or if the feature is enabled but not working, please
contact infrastructure at infrastruct...@apache.org or file a JIRA ticket
with INFRA.
---
