RFD: Missing @deprecated note in SecurityManager.checkMulticast(InetAddress, byte)

Eirik Bjørsnøs eirbjo at gmail.com
Tue Mar 5 16:38:53 UTC 2024 

Hi,

I noticed that the long-deprecated
method SecurityManager.checkMulticast(InetAddress, byte) no longer has a
@deprecated note.

Some context:

o The method has been marked @Deprecated since the initial load of OpenJDK
code in 2007
o In 2016, JDK-8145468 [1] added since="1.4"
o  In 2021, JDK-8266459 [2] (JEP 411 implementation) added forRemoval=true,
but curiously also removed the @deprecated note

The removed @deprecated note read:

@deprecated Use #checkPermission(java.security.Permission) instead


The removal of the note was not part of the Specification section of the
JEP-411 CSR [3], which simply read:

@@ -1082,11 +1087,11 @@
>        *             {@code null}.
>        * @since      1.1
>        * @deprecated Use #checkPermission(java.security.Permission) instead
>        * @see        #checkPermission(java.security.Permission)
> checkPermission
>        */
> -     @Deprecated(since="1.4")
> +     @Deprecated(since="1.4", forRemoval=true)
>       public void checkMulticast(InetAddress maddr, byte ttl) {
>           String host = maddr.getHostAddress();
>           if (!host.startsWith("[") && host.indexOf(':') != -1) {
>               host = "[" + host + "]";
>           }


I'm wondering if this was removed by accident, or if there was some
deliberation behind the choice to remove the deprecation note.

If it should not have been removed, would it be worthwhile to add it back,
considering this change was in conflict with the CSR? The deprecation note
is useful in that it recommends a replacement method for the deprecated
method.

Or are we better off just ignoring this, given the eventual removal of
SecurityManager?

Thanks,
Eirik.

[1] https://bugs.openjdk.org/browse/JDK-8145468
[2] https://bugs.openjdk.org/browse/JDK-8266459
[3] https://bugs.openjdk.org/browse/JDK-8266577
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://mail.openjdk.org/pipermail/security-dev/attachments/20240305/39f49d11/attachment.htm>

More information about the security-dev mailing list