Update forbidden APIs for JDK 25 #19623
Conversation
|
@cwperks I'd appreciate a review whenever you get a few minutes. I've removed some code, all of which involved using permissions that the java agent does not enforce. Please let me know if this makes sense. I've also removed some code that used "UnresolvedPermission". As far as I know, our policy file parser will not produce this permission so it is safe to remove. |
|
❌ Gradle check result for 95fcccf: FAILURE Please examine the workflow log, locate, and copy-paste the failure(s) below, then iterate to green. Is the failure a flaky test unrelated to your change? |
@andrross the agent does support bare minimum (more or less) set of permissions, but we could certainly work it through to add more and more. If we remove these now, we won't be able to cover these flow anymore. If we could keep them and than decide - which ones we will not support, we could clean up not only some classes but policies as well, holistically. What do you think? |
|
I think its reasonable to remove UnresolvedPermission based on the javadoc here: https://github.com/openjdk/jdk17/blob/master/src/java.base/share/classes/java/security/UnresolvedPermission.java#L40-L43
My understanding is that the java agent has permissions resolved at the time of initialization including permissions that require env variable or system prop replacement.
Edit: I think my understanding is wrong about this class of permission.
Do we plan to support custom permissions classes in the future? If not then I think its reasonable to remove. |
That's fair. Probably better to suppress the warnings in this PR and figure out the path forward for the deprecated classes separately. I'll push an update. |
Update the forbidden APIs plugin to the latest release and also fix or suppress all the usages of APIs that are newly deprecated in JDK 25. Signed-off-by: Andrew Ross <[email protected]>
andrross
force-pushed
the
deprecations-jdk25
branch
from
95fcccf to
97099d5
Compare
Codecov Report✅ All modified and coverable lines are covered by tests. Additional details and impacted files@@ Coverage Diff @@
## main #19623 +/- ##
============================================
- Coverage 73.11% 73.09% -0.02%
- Complexity 70661 70680 +19
============================================
Files 5724 5725 +1
Lines 323498 323733 +235
Branches 46852 46880 +28
============================================
+ Hits 236518 236636 +118
- Misses 67846 68000 +154
+ Partials 19134 19097 -37 ☔ View full report in Codecov by Sentry. 🚀 New features to boost your workflow:
|
Update the forbidden APIs plugin to the latest release and also fix or suppress all the usages of APIs that are newly deprecated in JDK 25. Signed-off-by: Andrew Ross <[email protected]>
Update the forbidden APIs plugin to the latest release and also fix or suppress all the usages of APIs that are newly deprecated in JDK 25. Signed-off-by: Andrew Ross <[email protected]>
3 participants
Update the forbidden APIs plugin to the latest release and also fix all the usages of APIs that are newly deprecated in JDK 25.
Check List
By submitting this pull request, I confirm that my contribution is made under the terms of the Apache 2.0 license.
For more information on following Developer Certificate of Origin and signing off your commits, please check here.