[WW-5288] Make excluded package exemption logic more strict - ASF JIRA

XML

Word

Printable

JSON

Details

Type: Improvement
Status: Closed
Priority: Minor
Resolution: Fixed
Affects Version/s: None
Fix Version/s: 6.2.0
Component/s: Core
Labels:
None

Description

Following on from the discussion in the comments on ~~WW-5268~~ - exempting classes from excluded packages should only be done if unavoidable.

Given this, I realised we should make the exemption logic more strict to prevent incorrect use and inadvertent exempting of more OGNL expressions than intended.

Currently, the exempted classes also match against superclasses. This is unnecessary and we can match against only the specific class.
Currently, an exemption against either the target or member class suffices. This can be made more strict by requiring an exemption for the class which matches the excluded package specifically, which could be either or both.
The JavaDoc for the options should be very explicit in what each configuration option achieves to prevent incorrect uses.

Attachments

Issue Links

relates to

WW-5268 Add configuration option to exempt classes from OGNL package exclusions

Closed

links to

GitHub Pull Request #190

GitHub Pull Request #664

GitHub Pull Request #690

Activity

People

Assignee:: Unassigned

Reporter:: Kusal Kithul-Godage

Votes:: 0 Vote for this issue

Watchers:: 1 Start watching this issue

Dates

Created:: 02/Mar/23 03:55

Updated:: 12/Jul/23 05:12

Resolved:: 21/Mar/23 18:34

Time Tracking

Estimated:

Not Specified

Remaining:

Logged:

3h 10m