JEP proposed to target JDK 15: 371: Hidden Classes

David Holmes david.holmes at
Thu Apr 2 04:30:04 UTC 2020

On 2/04/2020 2:19 pm, Netroby wrote:
> This may be dangerous. For virus creator and attacker. If they replace
> the origin Jar, the hidden  class may cause we can not easy to see
> what's inside it .

I don't think you are understanding the sense in which these classes are 
"hidden". This isn't about invisible classes in jar files.

The ability to call Lookup.defineHiddenClass replaces (in part) the 
private/internal API Unsafe.defineAnonymousClass API so that framework 
writers now have a supported API to use for injecting classes. You must 
have appropriate permissions/capabilities to define a hidden class.


> For company , If company choose to using hide class protect the
> important framework. It's valuable , but for who working deal with the
> framework, not good news.
> We often tired to find out whats happening. while there is exception,
> what's inside the exceptions.
> The JEP may cause us coders hard to work. Not just easy to read code,
> easy to understand.
> Like there will have many walls , block us . close our eyes.
> any way, Hidden class may useful, but not to Java coder like me.
> Appreciate your time.
> ----------------------------
> Netroby
> <mark.reinhold at> 于2020年4月2日周四 上午7:26写道:
>> The following JEP is proposed to target JDK 15:
>>    371: Hidden Classes
>> Feedback on this proposal from JDK Project Committers and Reviewers [1]
>> is more than welcome, as are reasoned objections.  If no such objections
>> are raised by 23:59 UTC on Wednesday, 8 April, or if they’re raised and
>> then satisfactorily answered, then per the JEP 2.0 process proposal [2]
>> I’ll target this JEP to JDK 15.
>> - Mark
>> [1]
>> [2]

More information about the jdk-dev mailing list