wmh1108-sas commented on code in PR #7930: URL: https://github.com/apache/geode/pull/7930#discussion_r2392588815
########## gradle.properties: ########## @@ -64,18 +64,18 @@ geodeDockerImageName = geode:develop #JAVA_HOME to be used for compilation compileJVM= -compileJVMVer=8 +compileJVMVer=17 #JAVA_HOME to be used by tests testJVM= -testJVMVer=8 +testJVMVer=17 repeat = 100 org.gradle.caching = true org.gradle.configureondemand = false org.gradle.daemon = true -org.gradle.jvmargs = -Xmx3g +org.gradle.jvmargs = -Xmx3g --add-exports=java.base/sun.security.x509=ALL-UNNAMED --add-exports=jdk.compiler/com.sun.tools.javac.api=ALL-UNNAMED --add-exports=jdk.compiler/com.sun.tools.javac.code=ALL-UNNAMED --add-exports=jdk.compiler/com.sun.tools.javac.file=ALL-UNNAMED --add-exports=jdk.compiler/com.sun.tools.javac.parser=ALL-UNNAMED --add-exports=jdk.compiler/com.sun.tools.javac.tree=ALL-UNNAMED --add-exports=jdk.compiler/com.sun.tools.javac.util=ALL-UNNAMED --add-exports=java.management/com.sun.jmx.remote.security=ALL-UNNAMED Review Comment: Thanks, Jinwoo! Using ALL-UNNAMED means that anything on the classpath can access the internal Java classes, which could potentially expose them to malicious code, based on my understanding. I'm wondering if we can keep the broken encapsulation confined to only the Spotless module(s). It looks like the module name for the Spotless Gradle plugin is com.diffplug.spotless. Can you try: `--add-exports=java.base/sun.security.x509=com.diffplug.spotless` -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: [email protected] For queries about this service, please contact Infrastructure at: [email protected]
