-
-
Notifications
You must be signed in to change notification settings - Fork 28
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Use public lookup #46
Conversation
The class specific lookup doesn't lend extra access to nms but exposes impl details of MinecraftReflection Signed-off-by: liach <liach@users.noreply.github.com>
I remember last time I tried to switch to a public lookup for one of these things it broke stuff -- have you tested this change in an active server env? Really, this class was designed to be package-private but had that changed when the |
not on production server. can you post a previous log? i've checked that all methods or fields it unreflects already are called to be accessible, so any lookup can unreflect them. other usages by this lookup are all targetting stuff this lookup has minimal trust to as far as i see. another concern may be that nms classes are from different classloaders and without a correct class instance from the right classloader (i think), lookup cannot find and call methods or do stuff. |
Strictly speaking, it is correct for adventure-platform to use its own lookup, as the lookup API is designed to reflect the access capabilities of the caller performing the access. |
You are understanding this exactly incorrectly: this means that you shouldn't expose a lookup obtained by |
The lookup is not exposed. There is no If you're on Java 8, unfortunately you cannot use JPMS. All the same, libraries frequently make use of |
Just curious, what is JPMS? The old lookup does have extra capabilities, but those capabilities are quite useless for the use cases, as the lookup has equivalent access to whatever any code in After all, the main advantage of this change is to make people actually understand what this lookup actually needs. Like I am not going to use a copy on write array list to store items when an array list suffices all my needs. This usage of copy on write array list may make you think "oh, I need this concurrency feature" while you don't; same argument applies: you may think "oh, I need to access whatever any code in |
Java Platform Module System |
Ah, I never heard of that acronym! Even the full name appears to be the title of JEP only, unlike "indy" "condy" that has actually appeared in jdk's |
Irrelevant as of 6fa0890, the relevant class is now package-private. |
The class specific lookup doesn't lend extra access to nms but exposes impl details of MinecraftReflection.
With the current lookup, users can just call
lookup.findStaticGetter(MinecraftReflection.class, "VERSION", String.class)
to steal theVERSION
field, etc. In addition, the regular lookup doesn't have special advantage on accessing nms, as thisMinecraftReflection
class doesn't as well.