RFR: 8338411: Implement JEP 486: Permanently Disable the Security Manager
Alan Bateman
alanb at openjdk.org
Wed Oct 16 15:56:26 UTC 2024
On Wed, 16 Oct 2024 15:31:49 GMT, ExE Boss <duke at openjdk.org> wrote:
>> SecurityManager::getClassContext hasn't been needed since JDK 9 but we decided to keep the implementation in case there are older versions of logging libraries that extend SecurityManager so they can call this method. What we have currently in the jep486 is okay, it would be a bit more efficient if method info is dropped, but I think mostly we want to have any remaining usages of this method to move to StackWalker.
>
> **SLF4J** currently depends on this method when logger name mismatch detection is enabled.
>
> --------------------------------------------------------------------------------
>
> See also:
> - https://github.com/qos-ch/slf4j/pull/271#issuecomment-1288128565
We've had logging library maintainers on the core-libs-dev several times in the last 7+ years so I hope there is good awareness of StackWalker. SM.getClassContext is legacy, shouldn't be any reason to use it in 2024.
-------------
PR Review Comment: https://git.openjdk.org/jdk/pull/21498#discussion_r1803388208
More information about the nio-dev
mailing list