RFR: JDK-8291974 PrivateCredentialPermission should not use local variable to enable debugging [v2]

Roger Riggs rriggs at openjdk.org
Mon Sep 19 18:54:48 UTC 2022

On Mon, 19 Sep 2022 17:54:57 GMT, Mark Powers <mpowers at openjdk.org> wrote:

>> https://bugs.openjdk.org/browse/JDK-8291974
> Mark Powers has updated the pull request incrementally with one additional commit since the last revision:
>   added test

As mentioned earlier in the comments...
This is a completely compatible change.  Removing a field is well specified as a compatible change.
>From old version to new version the value in the stream is discarded.
>From a new version to the old version, the value in the stream is missing so the field is initialized to its default value (false for boolean).
There's no reason to change the serialVersionUID. Changing it would be an incompatible change and cause all kinds of other problems. 

In the current case, since the value of the field is false, it will be hard to observe any change in behavior.


PR: https://git.openjdk.org/jdk/pull/10206

More information about the security-dev mailing list