Re: [DISCUSS] KIP-1006: Remove SecurityManager Support
Hi, It looks like some of the SecurityManager APIs are starting to be removed in JDK 23, see - https://bugs.openjdk.org/browse/JDK-8296244 - https://github.com/quarkusio/quarkus/issues/39634 JDK 23 is currently planned for September 2024. Considering the timelines and that we only drop support for Java versions in major Kafka releases, I think the proposed approach of detecting the APIs to use makes sense. Thanks, Mickael On Tue, Nov 21, 2023 at 8:38 AM Greg Harris wrote: > > Hey Ashwin, > > Thanks for your question! > > I believe we have only removed support for two Java versions: > 7: > https://cwiki.apache.org/confluence/display/KAFKA/KIP-118%3A+Drop+Support+for+Java+7 > in 2.0 > 8: https://cwiki.apache.org/confluence/pages/viewpage.action?pageId=181308223 > in 4.0 > > In both cases, we changed the gradle sourceCompatibility and > targetCompatibility at the same time, which I believe changes the > "-target" option in javac. > > We have no plans currently for dropping support for 11 or 17, but I > presume they would work in much the same way. > > Hope this helps! > Greg > > On Mon, Nov 20, 2023 at 11:19 PM Ashwin wrote: > > > > Hi Greg, > > > > Thanks for writing this KIP. > > I agree with you that handling this now will help us react to the > > deprecation of SecurityManager, whenever it happens. > > > > I had a question regarding how we deprecate JDKs supported by Apache Kafka. > > When we drop support for JDK 17, will we set the “-target” option of Javac > > such that the resulting JARs will not load in JVMs which are lesser than or > > equal to that version ? > > > > Thanks, > > Ashwin > > > > > > On Tue, Nov 21, 2023 at 6:18 AM Greg Harris > > wrote: > > > > > Hi all, > > > > > > I'd like to invite you all to discuss removing SecurityManager support > > > from Kafka. This affects the client and server SASL mechanism, Tiered > > > Storage, and Connect classloading. > > > > > > Find the KIP here: > > > > > > https://cwiki.apache.org/confluence/display/KAFKA/KIP-1006%3A+Remove+SecurityManager+Support > > > > > > I think this is a "code higiene" effort that doesn't need to be dealt > > > with urgently, but it would prevent a lot of headache later when Java > > > does decide to remove support. > > > > > > If you are currently using the SecurityManager with Kafka, I'd really > > > appreciate hearing how you're using it, and how you're planning around > > > its removal. > > > > > > Thanks! > > > Greg Harris > > >
Re: [DISCUSS] KIP-1006: Remove SecurityManager Support
Hey Ashwin, Thanks for your question! I believe we have only removed support for two Java versions: 7: https://cwiki.apache.org/confluence/display/KAFKA/KIP-118%3A+Drop+Support+for+Java+7 in 2.0 8: https://cwiki.apache.org/confluence/pages/viewpage.action?pageId=181308223 in 4.0 In both cases, we changed the gradle sourceCompatibility and targetCompatibility at the same time, which I believe changes the "-target" option in javac. We have no plans currently for dropping support for 11 or 17, but I presume they would work in much the same way. Hope this helps! Greg On Mon, Nov 20, 2023 at 11:19 PM Ashwin wrote: > > Hi Greg, > > Thanks for writing this KIP. > I agree with you that handling this now will help us react to the > deprecation of SecurityManager, whenever it happens. > > I had a question regarding how we deprecate JDKs supported by Apache Kafka. > When we drop support for JDK 17, will we set the “-target” option of Javac > such that the resulting JARs will not load in JVMs which are lesser than or > equal to that version ? > > Thanks, > Ashwin > > > On Tue, Nov 21, 2023 at 6:18 AM Greg Harris > wrote: > > > Hi all, > > > > I'd like to invite you all to discuss removing SecurityManager support > > from Kafka. This affects the client and server SASL mechanism, Tiered > > Storage, and Connect classloading. > > > > Find the KIP here: > > > > https://cwiki.apache.org/confluence/display/KAFKA/KIP-1006%3A+Remove+SecurityManager+Support > > > > I think this is a "code higiene" effort that doesn't need to be dealt > > with urgently, but it would prevent a lot of headache later when Java > > does decide to remove support. > > > > If you are currently using the SecurityManager with Kafka, I'd really > > appreciate hearing how you're using it, and how you're planning around > > its removal. > > > > Thanks! > > Greg Harris > >
Re: [DISCUSS] KIP-1006: Remove SecurityManager Support
Hi Greg, Thanks for writing this KIP. I agree with you that handling this now will help us react to the deprecation of SecurityManager, whenever it happens. I had a question regarding how we deprecate JDKs supported by Apache Kafka. When we drop support for JDK 17, will we set the “-target” option of Javac such that the resulting JARs will not load in JVMs which are lesser than or equal to that version ? Thanks, Ashwin On Tue, Nov 21, 2023 at 6:18 AM Greg Harris wrote: > Hi all, > > I'd like to invite you all to discuss removing SecurityManager support > from Kafka. This affects the client and server SASL mechanism, Tiered > Storage, and Connect classloading. > > Find the KIP here: > > https://cwiki.apache.org/confluence/display/KAFKA/KIP-1006%3A+Remove+SecurityManager+Support > > I think this is a "code higiene" effort that doesn't need to be dealt > with urgently, but it would prevent a lot of headache later when Java > does decide to remove support. > > If you are currently using the SecurityManager with Kafka, I'd really > appreciate hearing how you're using it, and how you're planning around > its removal. > > Thanks! > Greg Harris >
