uschindler commented on PR #2634: URL: https://github.com/apache/solr/pull/2634#issuecomment-2291438971
Hi, in my opinion the whole thing is not needed at all. On the day when you switch to Java 17 or 21 as minimum version you get the forbiddenwarnings automatically (by both forbiddenapis and javac). Just fix them at that time. Due to syntax changes you may still need to Come on, we are talking here about 3 source files with SecurityManager. I think one can easily fix the issues at that time. But anyways, you can commit this PR as it works in the Apache Lucene style (separating the accesscontroller into a separate method) and add all annotations. But addings the forbidden signatures can be avoided as they get obsolete anyways. > For some reason, forbiddenApis didn't flag DocumentObjectBinder from solrj, even though it uses AccessController. The method is already annotated with @SuppressForbidden, so the refactoring to a separate method is not helping anything. You can revert that file: https://github.com/apache/solr/blob/21359aa8dac184525630fc4177a71060e7b3b4e3/solr/solrj/src/java/org/apache/solr/client/solrj/beans/DocumentObjectBinder.java#L139 -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: [email protected] For queries about this service, please contact Infrastructure at: [email protected] --------------------------------------------------------------------- To unsubscribe, e-mail: [email protected] For additional commands, e-mail: [email protected]
