Skip to content

Fix RESTRICTED_TOKENS typo: " javax" (leading space) fails to prevent javax binding#12709

Open
robinkarlberg wants to merge 1 commit intoapache:mainfrom
robinkarlberg:main
Open

Fix RESTRICTED_TOKENS typo: " javax" (leading space) fails to prevent javax binding#12709
robinkarlberg wants to merge 1 commit intoapache:mainfrom
robinkarlberg:main

Conversation

@robinkarlberg
Copy link

@robinkarlberg robinkarlberg commented Feb 25, 2026

Description

RESTRICTED_TOKENS is used to blacklist tokens for the JavaScript engine, used for rules etc. However, I saw that one of the entries " javax" has an accidental space in it, it should most likely be "javax".

As far as I understand, the typo does not lead to any security impact as the --no-java flag disables javax access, so that's why I'm creating an issue here on GitHub, and not a vulnerability disclosure. Consider this more of a little cleanup of the code.

Types of changes

  • Breaking change (fix or feature that would cause existing functionality to change)
  • New feature (non-breaking change which adds functionality)
  • Bug fix (non-breaking change which fixes an issue)
  • Enhancement (improves an existing feature and functionality)
  • Cleanup (Code refactoring and cleanup, that may add test cases)
  • Build/CI
  • Test (unit or integration test code)

How Has This Been Tested?

Test still pass.

@boring-cyborg
Copy link

boring-cyborg bot commented Feb 25, 2026

Congratulations on your first Pull Request and welcome to the Apache CloudStack community! If you have any issues or are unsure about any anything please check our Contribution Guide (https://github.com/apache/cloudstack/blob/main/CONTRIBUTING.md)
Here are some useful points:

DaanHoogland
DaanHoogland approved these changes Feb 26, 2026
View reviewed changes
Copy link
Contributor

@DaanHoogland DaanHoogland left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

clgtm

@DaanHoogland
Copy link
Contributor

DaanHoogland commented Feb 26, 2026

tnx @robinkarlberg , If you think this makes sense, would you mind basing your change on the 4.20 branch, we will merge forward to any following branches. If not, we’ll just merge here and it will go in 23 and up.

@codecov
Copy link

codecov bot commented Feb 26, 2026
edited
Loading

Codecov Report

✅ All modified and coverable lines are covered by tests.
✅ Project coverage is 17.92%. Comparing base (30e6c22) to head (a29d195).
⚠️ Report is 10 commits behind head on main.

Additional details and impacted files 
@@            Coverage Diff            @@
##               main   #12709   +/-   ##
=========================================
  Coverage     17.92%   17.92%           
- Complexity    16154    16157    +3     
=========================================
  Files          5939     5939           
  Lines        533181   533181           
  Branches      65237    65237           
=========================================
+ Hits          95585    95595   +10     
+ Misses       426856   426846   -10     
  Partials      10740    10740
Flag Coverage Δ
uitests 3.67% <ø> (ø)
unittests 19.04% <ø> (+<0.01%) ⬆️

Flags with carried forward coverage won't be shown. Click here to find out more.

☔ View full report in Codecov by Sentry.
📢 Have feedback on the report? Share it here.

🚀 New features to boost your workflow:
  • ❄️ Test Analytics: Detect flaky tests, report on failures, and find test suite problems.
  • 📦 JS Bundle Analysis: Save yourself from yourself by tracking and limiting bundle sizes in JS merges.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@DaanHoogland DaanHoogland DaanHoogland approved these changes

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

2 participants

@robinkarlberg @DaanHoogland