Skip to main content
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index] [List Home]
Re: [cdi-dev] Weld 5 CR release is now available
  • From: Thomas Watson <tjwatson@xxxxxxxxxx>
  • Date: Thu, 24 Feb 2022 18:49:04 +0000
  • Accept-language: en-US
  • Arc-authentication-results: i=1; mx.microsoft.com 1; spf=pass smtp.mailfrom=us.ibm.com; dmarc=pass action=none header.from=us.ibm.com; dkim=pass header.d=us.ibm.com; arc=none
  • Arc-message-signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com; s=arcselector9901; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-AntiSpam-MessageData-ChunkCount:X-MS-Exchange-AntiSpam-MessageData-0:X-MS-Exchange-AntiSpam-MessageData-1; bh=pNUobUSQagRoNotJ6oARVtwHwDoxObvuggyocV16WaY=; b=aNaDirI60bnCfMPrhsSQQlPYnDVGzDXjy/mS45Fc8jMyr5qH8Nbq5KsPS1y5YSBhN1CJHt+VcIgm9EPvGrJ6dFyUeV1U9+G9RzA8feQ3OSbHSzvQKnYn24c7MBRqZecnixWy/W2uK4ixrlOlNEdV3EMiromwpMuHnNpaQjeXvX1ulFaYFpc8m1jklRB1RJv6c5Bo8sx+9NQ3MHOoTr7CfmHit7OLM0aHwLcIKR/myHlxrnYJa29dIoOZ0LgMjhu15FRZ6qdZA4q6QJhC2YpRc3Z8VjXXqO/sOM1396b5rjBjYV9wehOUb5w4YshAOF+AvTWDqO648P6ZjoIopt4OLg==
  • Arc-seal: i=1; a=rsa-sha256; s=arcselector9901; d=microsoft.com; cv=none; b=aX0mh6E0hf0EVwTuhOC2i9xeCl7TKK6D+68EnZ0txK1+z7Ht8J/WoVsVvAmgGDyyPgLc8qQ8mD+godPS/pshb7aIoiul0loZuIIcpdeFGXr0caGj+pTKOlzaDhjaqG7DUmjDDzrboWtmQPJP3PjLhVhAs5ixkwFJD3sFt44+4npH8O200/rItuoRaW9n6WXx6fIZtv4ex/6dhCuUMdrqV5QJhuEUEe+Loa8tkeGneZG6JKLqbPQnDcaa/kXkh4GfcmBjqQVI6zUiWQe78khRGt+raQ4PZMTWe1bFd4EMpmwl/FtqXDroXk+TZ0wJluCv4T+viuC63uiFFfdYiLlkYg==
  • Delivered-to: cdi-dev@xxxxxxxxxxx
  • List-archive: <https://www.eclipse.org/mailman/private/cdi-dev/>
  • List-help: <mailto:cdi-dev-request@eclipse.org?subject=help>
  • List-subscribe: <https://www.eclipse.org/mailman/listinfo/cdi-dev>, <mailto:cdi-dev-request@eclipse.org?subject=subscribe>
  • List-unsubscribe: <https://www.eclipse.org/mailman/options/cdi-dev>, <mailto:cdi-dev-request@eclipse.org?subject=unsubscribe>
  • Suggested_attachment_session_id: bda0d333-f3d4-ae2e-20b6-0b722a896d89
  • Thread-index: AQHYKMZpZ9b+MGsXkEm7bf+3zmbReayhP/WAgAAPLQCAAS9MAIAAMgoAgAAFkYCAAAH+NoAARr0AgAAJiXA=
  • Thread-topic: [EXTERNAL] Re: [cdi-dev] Weld 5 CR release is now available
I have heard discussions about removing security manager integration from the EE specifications.  That is something I think is a great idea even before the talk to remove the SecurityManager from Java, just not being done for EE 10.

Regardless, I'm not sure why a discussion about a bug fix in a compatible implementation is the focus here.  That is up to the discretion of the implementation project.

As a broader Java community, I am not looking forward to when Java removes AccessController::doPrivileged altogether.  The JEP says:

<quote>
In Java 18 and later, we will degrade other Security Manager APIs so that they remain in place but with limited or no functionality. For example, we may revise AccessController::doPrivileged simply to run the given action, or revise System::getSecurityManager always to return null. This will allow libraries that support the Security Manager and were compiled against previous Java releases to continue to work without change or even recompilation. We expect to remove the APIs once the compatibility risk of doing so declines to an acceptable level.
</quote>

To be honest, I cannot predict how long it will take for the compatibility risk to decline to an acceptable level.  But it will trigger millions upon millions of lines of code to have to change simply so the JVM can remove a no-op doPrivileged method.  I sure hope that win is worth it to the whole Java community.

Tom

From: cdi-dev <cdi-dev-bounces@xxxxxxxxxxx> on behalf of arjan tijms <arjan.tijms@xxxxxxxxx>
Sent: Thursday, February 24, 2022 11:58 AM
To: cdi developer discussions <cdi-dev@xxxxxxxxxxx>
Subject: [EXTERNAL] Re: [cdi-dev] Weld 5 CR release is now available
 
Hi,

On Thu, Feb 24, 2022 at 2:54 PM Thomas Watson <tjwatson@xxxxxxxxxx> wrote:
 at least last time I checked Java 18 still allowed "-Djava.security.manager=allow" (see https://openjdk.java.net/jeps/411). 

I know, but isn't that just delaying the inevitable? I mean, with some tricks you can still run applets today (sorry for coming up with applets all the time), but it doesn't mean one should, or that anyone should seriously support this.

All I'm really saying is that we had a ton of issues with crossing the JDK 8 to JDK 11 barrier, since despite that we all knew modules were coming, almost nobody prepared.

Now we know the security manager is going to disappear. So shouldn't we prepare for it, so that by the time it's really gone, we won't need half a decade or more to get our users passed JDK 17?

Kind regards,
Arjan

 

Back to the top