Details
-
Bug
-
Status: Reopened
-
Major
-
Resolution: Unresolved
-
1.7.0
-
None
-
Operating System: other
Platform: Other
-
35267
Description
The BeanMap class in the "optional" section has:
public static HashMap defaultTransformers = new HashMap();
I think this is a really bad idea.
Firstly, because it's static, various parts of an application can interact in
unexpected ways. For example, some library your code is calling might,
unexpectedly, add a transformer to the default transformers causing surprising
effects.
That's even more interesting if the library (commons-collections or
commons-beanutils) is deployed via a shared webapp in a container. In that case,
one webapp can have side-effects on other webapps.
And because it's a public member, there is no way to control access to this field.
This class was in commons-collections since 1.0. It was copied into
commons-beanutils before the 1.7.0 release, and deprecated in commons-collections.
This class is only in the "optional" section, and is not used by the core
beanutils code.
Attachments
Issue Links
- is duplicated by
-
-
- Resolved
-