please review fix for 7118546, warnings cleanup in javax.xml.crypto

Sean Mullan sean.mullan at oracle.com
Thu Dec 8 21:05:32 UTC 2011


On 12/8/11 3:47 PM, Stuart Marks wrote:
> On 12/8/11 9:24 AM, Sean Mullan wrote:
>> Now that they are warning free, should there also be a change to the Makefile?
> 
> Eventually yes. I'll coordinate with Kurchi on this, but we probably want to 
> add -Werror to various makefiles in the future, after we do more testing to 
> ensure that we don't start breaking builds.
> 
>> In javax/script/ScriptException.java, why is the serialVersionUID field not
>> marked private?
> 
> No good reason. Well, there's a bad reason :-) which is that the "serialver" 
> output doesn't make it private. I see that the majority (> 80%) of 
> serialVersionUID fields in the JDK are private. I'll make this change.
> 
> Aside: it seems that making svuid private is preferred. Is this true, and if 
> so, what's the rationale? Is this a bug that serialver doesn't make its 
> declaration private?

Not sure if there is an obvious security risk by making it package-private but I
think it's good practice in general to make it private.

>> All the other changes look good. The only other suggestion I would make is to
>> add a note to the CR with more rationale as to why the SuppressWarnings, etc
>> were added to the API so that future maintainers will understand that. In short,
>> this API was specified as a standalone JSR (105) and any API changes would need
>> to be first published via a maintenance review per the JCP guidelines.
> 
> OK, I'll add a note to the CR that covers this.
> 
> Anything else?

No.

--Sean


