[
https://issues.apache.org/jira/browse/CODEC-55?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=16640079#comment-16640079
]
Daniel Atallah commented on CODEC-55:
-------------------------------------
I agree with the sentiments that the lack of thread safety is not a
vulnerability. In this case, I think that it's clearly called out in the
documentation (some of the constraints on thread safe usage are a bit odd from
an API perspective, but as long as it's documented I don't think it's even a
bug).
I have asked the WhiteSource team to re-evaluate that they consider this a
vulnerability - maybe that's all that is necessary.
> make all "business" method implementations of public API thread safe
> ---------------------------------------------------------------------
>
> Key: CODEC-55
> URL: https://issues.apache.org/jira/browse/CODEC-55
> Project: Commons Codec
> Issue Type: Wish
> Reporter: Qingtian Wang
> Priority: Major
> Fix For: 1.x
>
> Attachments: CODEC-55-Wrapper-Implementations.patch,
> concurrentCodecs.diff, concurrentQDiff.diff, urlcodec.patch
>
>
> Maybe most of the implementations are already thread safe. Just such that
> codec can say so in general...
--
This message was sent by Atlassian JIRA
(v7.6.3#76005)
