[jira] [Commented] (NET-729) Undisclosed Java 8 requirement.

Thu, 04 Apr 2024 15:40:23 -0700 


    [ 
https://issues.apache.org/jira/browse/NET-729?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=17834093#comment-17834093
 ] 

Henrik Lindqvist commented on NET-729:
--------------------------------------

Sorry typo, i meant "binary compatibility" was broken in version {*}3.9.0{*}, 
so any reverting would actually restore it.

Whatever you consider backwards/binary compatibility it seems to have been 
broken in version 3.9.0, where methods returning java.util.Calendar was 
replaced with methods returning java.time.Intent, and it suddenly requires Java 
8 instead of Java 7.

Android 7 and lower basically only supports Java 7, therefor version 3.9.0 of 
this library is incompatible. As said, most apps still support Android 6, or 
even 5, as minimum, and probably won't require Android 8 for other 5 years, 
since there's not much difference as compared to Android 6, except the lack of 
full Java 8 support.

Anyhow, i guess it's unfeasible to revert the seeming minor internal changes 
and restore the removed public methods, so Android projects will have to find 
another library, or continue using an old vulnerable version of this.

> Undisclosed Java 8 requirement.
> -------------------------------
>
>                 Key: NET-729
>                 URL: https://issues.apache.org/jira/browse/NET-729
>             Project: Commons Net
>          Issue Type: Bug
>          Components: FTP
>    Affects Versions: 3.9.0, 3.10.0
>         Environment: Android 7 and lower
>            Reporter: Henrik Lindqvist
>            Priority: Minor
>             Fix For: 3.11.0
>
>
> Has for a decade been using this library in an Android app. Decided to update 
> from an older version to 3.10.0 mostly for the fixed security issue, but this 
> is sadly not possible due to version 3.9.0 now requires Java 8 which Android 
> lacks full support for, e.g. it's missing java.time.Duration. It's 
> unfortunate that such unnecessary changes are made, replacing working code 
> with new Java features just for the fun of it, since this will force projects 
> use another dependency making this library even more irrelevant. Please 
> revert the changes that use Java 8 features, or at least update the 
> documentation with a notice that version 3.9.0 is not binary compatible with 
> prior versions: [https://commons.apache.org/proper/commons-net/migration.html]



--
This message was sent by Atlassian Jira
(v8.20.10#820010)

Reply via email to