You are viewing a plain text version of this content. The canonical link for it is here.
Posted to dev@tomcat.apache.org by GitBox <gi...@apache.org> on 2019/03/06 10:15:26 UTC
[GitHub] [tomcat] markt-asf commented on issue #144: Variable adds final
modifier
markt-asf commented on issue #144: Variable adds final modifier
URL: https://github.com/apache/tomcat/pull/144#issuecomment-470050541
Potential security vulnerabilities should be reported privately to security@tomcat.apache.org. Not in a PR or any other public forum.
That said, there are no valid security risks here so - fortunately - no harm is done.
The additional of final here (and the many, many other places tools such as UCDetector will identify automatically) is more a matter of style than anything else.
Making invalid claims of 'security risks' is not helpful. It undermines the credibility of the PR and makes it more likely it will be rejected.
We generally do not make changes purely for stylistic reasons. There is a code quality case that could be made for this change but it isn't a particularly strong one.
I am -1 on the PR as currently submitted due to the incorrect statement regarding security risks in the commit comment.
----------------------------------------------------------------
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
For queries about this service, please contact Infrastructure at:
users@infra.apache.org
With regards,
Apache Git Services
---------------------------------------------------------------------
To unsubscribe, e-mail: dev-unsubscribe@tomcat.apache.org
For additional commands, e-mail: dev-help@tomcat.apache.org