[ https://issues.apache.org/jira/browse/GROOVY-10931?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]
Eric Milles resolved GROOVY-10931. ---------------------------------- Fix Version/s: 5.0.0-alpha-1 Resolution: Fixed https://github.com/apache/groovy/commit/d465bec90ebec87928a79575388df1d2ca46c530 > Remove $getLookup method generation (Groovy 4+) > ----------------------------------------------- > > Key: GROOVY-10931 > URL: https://issues.apache.org/jira/browse/GROOVY-10931 > Project: Groovy > Issue Type: Wish > Components: class generator, Compiler > Reporter: Eric Milles > Assignee: Eric Milles > Priority: Major > Labels: invokedynamic, jdk16, jdk17 > Fix For: 5.0.0-alpha-1 > > > The new {{$getLookup()}} method was discussed somewhat in the comments of > GROOVY-10273. Groovy 3 has had JEP 396 (illegal access enforcement) support > backported to the invoke dynamic pathways, without {{$getLookup}}. So, I'd > like to restart the discussion to find out if there are any illegal-access > scenarios that Groovy 4 supports that don't have a test case in Groovy 3. > And if there are no scenarios that remain, I'd like to propose the removal of > {{$getLookup}} method generation. > I have disabled its generation in the Groovy 5 codebase, and there are no > tests that fail. So I have good confidence that it can be removed and the > security hole can be plugged. -- This message was sent by Atlassian Jira (v8.20.10#820010)