On Sat, 9 Dec 2023 12:09:37 GMT, Markus KARG <d...@openjdk.org> wrote:
>> @mkarg I guess the method can only be implemented by subclasses residing in >> the same package with `OutputStream`, right? >> >> @AlanBateman fixed > > @stsypanov Yes but still it is just weird to ask any output stream if *it* is > trusted. I mean, it feels just unsecure to ask: "Do *you* pretend to be > trusted?" instead of "Do *we* trust you?". I could sleep better if this > method would not be part of each OutputStream subclass. We should either move > it back to the place where needed, or into some static utility like > `OutputStreams::isTrusted(OutputStream)` (mind the plural!), or it should at > least be `final`. And it should not only talk about modifying the buffer. As it’s also about leaking the reference. ------------- PR Review Comment: https://git.openjdk.org/jdk/pull/16879#discussion_r1421410743
