sofa-hessian

sofa-hessian copied to clipboard

There is a new API from hessian-4.0.51 and improved in hessian-4.0.60. ``` public class ClassFactory { private static ArrayList _staticAllowList; private ClassLoader _loader; private boolean _isWhitelist; private ArrayList _allowList; ```...

ujjboy

fix: roll back previous throwable and stack trace element ser for compatibility

1

rollback throwable serializer and stackTraceElement deserializer

Lo1nt

Motivation: 为了增强代码审查流程并确保代码的安全性和合规性，我新增了代码安全扫描和开源组件扫描。通过加入这些扫描，我们可以识别潜在的漏洞，并确保代码库符合开源项目治理标准化的要求。 Modification: 新增了cloud_code_scan.yml模板，添加了代码安全扫描和开源组件扫描步骤。这些步骤将作为工作流的一部分进行执行，以执行必要的安全检查和合规性验证。通过添加这些扫描，我们可以积极解决安全问题，并确保遵守开源许可协议。 Result: 通过引入代码安全扫描和开源组件扫描，增强了代码审查流程。它有助于识别安全漏洞，并确保符合开源许可要求。这一改进有助于提高代码库的整体质量和安全性。

Duan-0916

rename artifactId `hessian` to hessian-ark

1

Avoiding load hessian from `com.caucho.hessian` to cause classload conflict. For example: the dubbo changed hessian to hessian-lite

moremind

it is easy to cause class loading conflicts

1

I suggest you change your current package name. In the current form of package organization, it is easy to cause class loading conflicts. See dubbo and hessian-lite for example.

coderDylan

Jdk17 aci test

1

Lo1nt