RFR: 8370688: java.util.jar.JarEntry.getCodeSigners() and getCertificates() should specify that they return a copy of the arrays [v2]
Sean Mullan
mullan at openjdk.org
Thu Dec 4 13:39:35 UTC 2025
On Wed, 3 Dec 2025 18:46:40 GMT, Koushik Muthukrishnan Thirupattur <duke at openjdk.org> wrote:
>> The implementation of JarEntry.getCodeSigners() and getCertificates() both return a copy of the original array. However, the documentation of these 2 methods currently doesn't specify this.
>
> Koushik Muthukrishnan Thirupattur has updated the pull request incrementally with one additional commit since the last revision:
>
> 8370688: Addressed review comments - add explicit note similar to SSLParameters
src/java.base/share/classes/java/util/jar/JarEntry.java line 117:
> 115: * to trust the entry signed by the signers.
> 116: *
> 117: * <p>This method will return a new array each time it is invoked.
This sentence is not completely true, because the method may also return `null`. I suggest moving this sentence to the @return label (as the second sentence), and rephrasing it as "If non-null, this method returns a new array each time it is invoked". I removed "will" as I think present tense sounds better.
-------------
PR Review Comment: https://git.openjdk.org/jdk/pull/28615#discussion_r2589119626
More information about the security-dev
mailing list