On Sat, 16 Nov 2024 14:29:56 GMT, Kevin Rushforth <k...@openjdk.org> wrote:
>> This PR removes all remaining uses of `AccessController` and
>> `AccessControlContext`, which represent the last remaining uses of the
>> terminally deprecated security APIs except for those in the `/ios/` or
>> `/android/` directories.
>>
>> With the removal of doPrivileged and the `if (System.getSecurityManager() !=
>> null)` code paths, the ACC is no longer used, so can be completely
>> eliminated. Along with this, I removed all unused imports of
>> security-related APIs and all related `@SuppressWarnings("removal")
>> annotations.
>>
>> ### Notes to reviewers
>>
>> * Most of the changes were straight-forward removals of methods and fields
>> to save, retrieve and pass around the `AccessControlContext`.
>> * The Toolkit class stores a collection of listeners in a `WeakHashMap` with
>> the listener as the key (thus weakly held) and the ACC as the value. We no
>> longer need or want the ACC, but I kept the use of `WeakHashMap` and changed
>> the value type to `Object`, storing a singleton dummy object as the value
>> for each entry. This minimizes the changes, while preserving the behavior of
>> reclaiming the entries when they are garbage collected.
>
> Kevin Rushforth has updated the pull request incrementally with one
> additional commit since the last revision:
>
> review feedback
Marked as reviewed by mstrauss (Committer).
-------------
PR Review: https://git.openjdk.org/jfx/pull/1638#pullrequestreview-2440795446
