How can I report bugs in OpenJDK?

Matthias-Christian Ott ott at
Thu Dec 3 13:37:26 UTC 2015

On 03/12/15 12:26, dalibor topic wrote:
> On 03.12.2015 10:53, Matthias-Christian Ott wrote:
>> To make a long story short: Would it also be permissible
> Not really.
> If you look at the description of core-libs-dev and most other mailing
> lists, they serve for technical discussion of OpenJDK development in a
> respective area. They should not be used for other, non-technical
> discussions - that's what this list is for, for example.

I understand what you are trying to say: bug trackers can handle bugs
more appropriately. I agree. However, a short remark about the
justification: are bug reports non-technical in your opinion? Bug
reporting is an integral part of every software development process.

> So if you wanted to discuss ideas for a fix in a specific area before
> you started working on one, that would be just fine. In that case,
> please see the contributing guide at
> for the requirements and steps to take.

Thank you for the link. At the moment I don't want to work on the issues
but just report them. Other volunteers can perhaps fix them more easily
and quickly than I can or the bug reports can simply serve as
documentation. Moreover, I'm not sure that I understand or that I'm
willing to sign the copyright assignment.

> Just spamming various technical lists with bug reports in hope that
> someone else among the hundreds of subscribers files issues that you
> could easily just file yourself, on the other hand, would not be OK.

I see. However, it seemed to me to be the only way to make the bug
reports immediately public. I also submitted them through after they had been published on the mailing list.
Perhaps I should publish them on my website first the next time and then
submit them through This would be an acceptable
middle ground for me. I didn't mean to annoy anybody with useless email.

I think the bug reporting process is now relatively clear to me. Thank
you for the explanation and patience. I will try to fulfil the
expectations of the OpenJDK community with regards to bug reporting and
while also trying to meet my requirements of openness and transparency
in the future.

I have one last question: Who decides whether and when a JI becomes an
issue in JBS and who decides whether and when a security vulnerability
reported to secalert_us at becomes an issue in JBS? For example
FreeBSD has a policies for this [1,2] and I never had a problem
reporting bugs to them.


More information about the discuss mailing list