Item for next meeting: Since this came up in one of our meetings not so long ago, here are Derby's thoughts on removing the security manager: https://issues.apache.org/jira/secure/attachment/13043591/releaseNote.html from issue https://issues.apache.org/jira/browse/DERBY-7138
There is a related issue that enforces use of Java 17+ for this version of Derby: https://issues.apache.org/jira/browse/DERBY-7137 Note that these changes have not been officially released yet. One interesting point is the suggested mitigation "Run Derby from the module path" to prevent access to internals. - Does JDO work with --/module/-/path,/ do we need to do anything to (better) support this, i.e. allow others using it?/ /- Should me modularize the JDO API? Best, Tilmann
