Y
Hacker News
new
|
ask
|
show
|
jobs
by
andylynch
710 days ago
Gradle is no different here. Ditto many other build tool.
1 comments
krzyk
710 days ago
But maven does not.
link
oftenwrong
709 days ago
Maven plugins and extensions can execute arbitrary code, so you should still exercise care when running an untrusted maven project.
link
stefs
709 days ago
you mean because it's xml instead of executable code?
link
krzyk
709 days ago
No, because it was designed that way - declarative.
You can have xml with code-like-structures, e.g. Ant
link