org.apache.commons.collections.functors.package.html Maven / Gradle / Ivy

Go to download

Show more of this group Show more artifacts with this name
Show all versions of wildfly-client-all

This artifact provides a single jar that contains all classes required to use remote EJB and JMS, including all dependencies. It is intended for use by those not using maven, maven users should just import the EJB and JMS BOM's instead (shaded JAR's cause lots of problems with maven, as it is very easy to inadvertently end up with different versions on classes on the class path).

There is a newer version: 34.0.0.Final

Show newest version


 


This package contains implementations of the
{@link org.apache.commons.collections.Closure Closure},
{@link org.apache.commons.collections.Predicate Predicate},
{@link org.apache.commons.collections.Transformer Transformer} and
{@link org.apache.commons.collections.Factory Factory} interfaces.
These provide simple callbacks for processing with collections.


WARNING: from v3.2.2 onwards this several classes in this package will
throw an {@link UnsupportedOperationException} when trying to serialize or
de-serialize an instance to prevent potential remote code execution exploits.


Classes considered to be unsafe are:


  CloneTransformer
  ForClosure
  InstantiateFactory
  InstantiateTransformer
  InvokerTransformer
  PrototypeFactory$PrototypeCloneFactory
  PrototypeFactory$PrototypeSerializationFactory
  WhileClosure


In order to re-enable serialization support for these unsafe classes, the
following system property can be used (via -Dproperty=true):
org.apache.commons.collections.enableUnsafeSerialization


Be warned though that enabling serialization support for these unsafe classes
makes your application vulnerable to known exploits and you must ensure that
your application does not de-serialize objects from untrusted sources.