[
https://issues.apache.org/jira/browse/GROOVY-10931?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=17745870#comment-17745870
]
Daniel Sun commented on GROOVY-10931:
-------------------------------------
We find to find legal access ways through transforming methods for Java
members, i.e. written in Java. If no legal access ways found, the warnings can
not avoided as you found in the Groovy 4_0_0 builds.
But we tried to provide $getLookup method for Groovy classes in order to ensure
legal access ways can be found.
> Remove $getLookup method generation (Groovy 4+)
> -----------------------------------------------
>
> Key: GROOVY-10931
> URL: https://issues.apache.org/jira/browse/GROOVY-10931
> Project: Groovy
> Issue Type: Wish
> Components: class generator, Compiler
> Reporter: Eric Milles
> Assignee: Eric Milles
> Priority: Major
> Labels: invokedynamic, jdk16, jdk17
> Fix For: 5.0.0-alpha-1
>
>
> The new {{$getLookup()}} method was discussed somewhat in the comments of
> GROOVY-10273. Groovy 3 has had JEP 396 (illegal access enforcement) support
> backported to the invoke dynamic pathways, without {{$getLookup}}. So, I'd
> like to restart the discussion to find out if there are any illegal-access
> scenarios that Groovy 4 supports that don't have a test case in Groovy 3.
> And if there are no scenarios that remain, I'd like to propose the removal of
> {{$getLookup}} method generation.
> I have disabled its generation in the Groovy 5 codebase, and there are no
> tests that fail. So I have good confidence that it can be removed and the
> security hole can be plugged.
--
This message was sent by Atlassian Jira
(v8.20.10#820010)
