Can you exploit an application that imports a vulnerable library, but does not actually use the classes from the library?

Suppose you have vulnerable library, vuln-lib.jar, that you then import into your source code but never actually use:

#My imports import com.vuln.lib.*   #My code .. 

And you go onto to deploy this application to a server. Is it possible to exploit a known vulnerability in this library even if your code does not use any of the classes the library provides as part of the source code? And if so, how would that happen?

Does a cockatrice actually need to land a bite for the initial DC 11 Con saving throw?

According to: https://roll20.net/compendium/dnd5e/Cockatrice#content

The target must succeed on a dc 11 constitution saving throw against being magically petrified On a failed save, the creature begins to turn to stone and is restrained. It must repeat the saving throw at the end of its next turn. On a success, the effect ends. On a failure, the creature is petrified for 24 hours

However, it doesn’t actually mention that the intial Bite has to hit.

So, does the initial Bite have to hit or is the DC11 Con Saving throw separate to the Bite?

Think I’ve pretty good reason to suspect my computer tessl programs it’s a 64 bit architecture machine when its actually 32 bit architecture

Sorry if this is not a specifically Ubuntu problem, but I’m working w/Linux Lite, which IS based on Ubuntu. I’d like to a) find out/verify, if this is happening, /b) correct it if it is. Often my installation works w/newly installed stuff, but often when it doesn’t, this seems to b root. Please help me find out if my machine is a bold-faced liar, /end the problem, if so.

answerInlineQuery was successfully sended but no result actually

I have code for cover inlineQuery:

  • inline mode was turned on in BotFather
  • webhooks with InlineQuery correctly recived
  • result for answerInlineQuery is: { "ok": true, "result": true }

Bot JavaScript code (BJS) written on Bots.Business:

results = []; item = {   type: "article",   id: "13",   title: "Test item",   input_message_content: { "message_text": "this is text" } } results.push(item);  Api.answerInlineQuery({   inline_query_id: request.id,   results: results,   cache_time: 0,   on_result: "/trackResult" }) 

/trackResult command (it handle after answerInlineQuery method):

throw inspect(options) 

In error log (I just track successfull notice as error):

correct response from Telegram Api

So: answerInlineQuery was sended but actually no any inline results for user in the Telegram chat.

answerInlineQuery was successfully sended but no result actually

I have code for cover inlineQuery:

  • inline mode was turned on in BotFather
  • webhooks with InlineQuery correctly recived
  • result for answerInlineQuery is: { "ok": true, "result": true }

Bot JavaScript code (BJS) written on Bots.Business:

results = []; item = {   type: "article",   id: "13",   title: "Test item",   input_message_content: { "message_text": "this is text" } } results.push(item);  Api.answerInlineQuery({   inline_query_id: request.id,   results: results,   cache_time: 0,   on_result: "/trackResult" }) 

/trackResult command (it handle after answerInlineQuery method):

throw inspect(options) 

In error log (I just track successfull notice as error):

correct response from Telegram Api

So: answerInlineQuery was sended but actually no any inline results for user in the Telegram chat.

Does it cost money to actually have a working website rather than one that just loads? [on hold]

I know a website. I can open it and it loads but it has not significantly different from none amount of text or hyperlinks at all: just a loaded page that’s blank or has two words. Was this done to conserve money or did they just happen to have a server but can’t afford a programmer to write the html?