Security fixes are back; other fixes can go in. Time for build 18?

Andrew John Hughes gnu_andrew at member.fsf.org
Thu Jan 7 03:18:13 PST 2010


2010/1/7 Joseph D. Darcy <Joe.Darcy at sun.com>:
> Andrew John Hughes wrote:
>>
>> 2009/12/25 Andrew John Hughes <gnu_andrew at member.fsf.org>:
>>
>>>
>>> 2009/12/24 Joseph D. Darcy <Joe.Darcy at sun.com>:
>>>
>>>>
>>>> Andrew John Hughes wrote:
>>>>
>
> [big snip]
>>>>
>>>> The com.sun.java.swing package in OpenJDK should have the same effective
>>>> compile-time visibility as in Sun JDK.
>>>>
>>>>
>>>
>>> I don't know what that is; does this mean
>>> com.sun.java.swing.plaf.nimbus is hidden in the proprietary JDK6?  I
>>> don't mind either way, it just seems that the other plaf packages are
>>> visible.
>>>
>>>
>>>>
>>>> I'm going to start taking my vacation in earnest now so we can finish
>>>> working through this issue early in 2010.
>>>>
>>>> Happy holidays,
>>>>
>>>>
>>
>> Happy new year!  Any more thoughts on the above?
>>
>>
>
> Yes, easing back from vacation and donning my fedora and bullwhip, I've dug
> into what is going on here.
>
> In brief, make/common/Release.gmk has a list of packages to exclude from the
> ct.sym warning (6476749: "Exclude Swing plaf classes from Sun Proprietary
> warning"); from
> http://hg.openjdk.java.net/jdk6/jdk6/jdk/raw-file/c00f461c45bc/make/common/Release.gmk
>
> # The compiler should not issue a "Sun Propietary" warning when compiling
> # classes in the com.sun.java.swing.plaf packages, since we've always
> # allowed, and even advocated, extending them (see bug 6476749).
> #
> # This approach is NOT to be used as a general purpose way to avoid such
> # compiler warnings for non-core packages. The correct way is to document
> # the packages in NON_CORE_PKGS.gmk, and include them in the NON_CORE_PKGS
> # definition.
> #
> # Swing has taken this approach only as a temporary measure to avoid
> # the compiler warnings until we can properly document these packages.
> # This is covered under 6491853.
> EXCLUDE_PROPWARN_PKGS = com.sun.java.swing.plaf          \
>                       com.sun.java.swing.plaf.windows  \
>                       com.sun.java.swing.plaf.motif    \
>                       com.sun.java.swing.plaf.gtk
>
> In Sun's 6 update train, com.sun.java.swing.plaf.nimbus is included on that
> package list.  Therefore, the test file in question compiles without warning
> using Sun's 6 update release.  The corresponding addition to this list has
> *not* been made in JDK 7, which is probably just an oversight.
>

In 7, it's now a standard API javax.swing.plaf.nimbus.  So you'll find
it listed in make/docs/CORE_PKGS.gmk instead:

  javax.swing.plaf.basic                         \
  javax.swing.plaf.metal                         \
  javax.swing.plaf.multi                         \
  javax.swing.plaf.nimbus                        \
  javax.swing.plaf.synth                         \

> I'd support com.sun.java.swing.plaf.nimbus being included in this list in
> OpenJDK 6 as long as
>
> * The API of the package is the same as in Sun's 6 update release

We have no way of verifying what's in the 6 update release as it is
proprietary software.  The Nimbus code in OpenJDK6 is a backport of
what's in 7, moved back to the com.sun.java.swing.plaf.nimbus
namespace which I believe was used in the proprietary 6 update train.

Remember that this is an open-source project; regardless of whether
arbitrary bits of code are made invisible or not in an unpatched build
of OpenJDK6, anyone can easily read the code and even rip the ct.sym
hack right back out again. Additionally, not doing this would make
OpenJDK6 different from the proprietary release -- as you mention
above, it doesn't mask this package.

> * Kelly reviews the situation for any other build implications
>
> In the 6 update train, the nimbus package was added to the list under bug id
> 6616742, but for OpenJDK 6 I think we should use a fresh bug id if this goes
> back.

Yes, please allocate one.

>
> Happy new year,
>
> -Joe
>

Happy new year,
-- 
Andrew :-)

Free Java Software Engineer
Red Hat, Inc. (http://www.redhat.com)

Support Free Java!
Contribute to GNU Classpath and the OpenJDK
http://www.gnu.org/software/classpath
http://openjdk.java.net

PGP Key: 94EFD9D8 (http://subkeys.pgp.net)
Fingerprint: F8EF F1EA 401E 2E60 15FA  7927 142C 2591 94EF D9D8

