-
Notifications
You must be signed in to change notification settings - Fork 71
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
fix(jans-core): inherit context classloader #8952 #8953
Conversation
Signed-off-by: Yuriy Movchan <Yuriy.Movchan@gmail.com>
DryRun Security SummaryThe pull request updates the configuration of the Quartz scheduler used in various components of the Jans application suite, primarily by adding the Expand for full summarySummary: The code changes in this pull request primarily focus on updating the configuration of the Quartz scheduler used in various components of the Jans application suite, such as the Jans Config API, Jans Auth Server, Jans FIDO2, Jans Link, Jans Lock, and Jans SCIM. The key change across these files is the addition of the This configuration setting ensures that the threads created by the Quartz scheduler will inherit the context class loader of the thread that initialized the scheduler. This can be an important consideration for applications that use custom class loaders or need to ensure that the scheduler's threads have access to the necessary resources and dependencies. From an application security perspective, these changes do not appear to introduce any immediate security concerns. The Quartz scheduler is a widely used and well-established library, and the configuration updates are generally considered standard practice. However, it's important to review the broader context of the application and ensure that the Quartz scheduler is being used securely and that there are no other potential security implications. Files Changed:
Overall, the changes in this pull request appear to be routine configuration updates and do not raise any immediate security concerns. However, it's important to review the broader context of the application and ensure that the Quartz scheduler is being used securely and that there are no other potential security implications. Code AnalysisWe ran Riskiness🟢 Risk threshold not exceeded. |
DryRun Security SummaryWe are currently analyzing this pull request to produce a meaningful summary. Code AnalysisWe ran Riskiness🟢 Risk threshold not exceeded. |
|
|
|
|
|
|
|
|
|
|
|
Closes #8952