RFR: 8285380: Fix typos in security
Alan Bateman
alanb at openjdk.java.net
Thu Apr 21 16:14:26 UTC 2022
On Thu, 21 Apr 2022 14:11:08 GMT, Alan Bateman <alanb at openjdk.org> wrote:
>> I ran `codespell` on modules owned by the security team (`java.security.jgss java.security.sasl java.smartcardio java.xml.crypto jdk.crypto.cryptoki jdk.crypto.ec jdk.crypto.mscapi jdk.security.auth jdk.security.jgss`), and accepted those changes where it indeed discovered real typos.
>>
>> I will update copyright years using a script before pushing (otherwise like every second change would be a copyright update, making reviewing much harder).
>>
>> The long term goal here is to make tooling support for running `codespell`. The trouble with automating this is of course all false positives. But before even trying to solve that issue, all true positives must be fixed. Hence this PR.
>
> The folks on security-dev will know for sure but I assume that the changes to the imported Apache Santuario code should be dropped as it will make upgrades more complicated.
> @AlanBateman So there is even more 3rd party code in there? :-( I tried to ignore fixes for all files that I could identify as 3rd party. It's actually a bit annoying that we have imported source code thrown around like this in the source tree, so there is no clear boundary between code we own and code we import from someone else...
security-dev can say for sure but the only 3rd party code I see in this change is in the src/java.xml.crypto/share/classes/com/sun/org/apache tree (the package name gives a hint has it was it was re-packaged).
-------------
PR: https://git.openjdk.java.net/jdk/pull/8340
More information about the security-dev
mailing list