[jdk17] Integrated: 8269218: GaloisCounterMode.overlapDetection misses the JDK-8263436 fix again

2021-06-24 Thread Aleksey Shipilev
On Wed, 23 Jun 2021 08:10:40 GMT, Aleksey Shipilev wrote:

> SonarCloud again complains about GaloisCounterMode.overlapDetection, in a 
> way similar to JDK-8263436. I think JDK-827 accidentally reintroduced 
> the old code.
> 
> The tangential question is whether JDK-827 reverted anything else.
> 
> Additional testing:
>  - [x] `jdk_security` passes

This pull request has now been integrated.

Changeset: 3fb28d30
Author:    Aleksey Shipilev
URL:       https://git.openjdk.java.net/jdk17/commit/3fb28d3074dfb33d8b7e489c9a55f52d4e0b954b
Stats: 1 line in 1 file changed: 0 ins; 0 del; 1 mod

8269218: GaloisCounterMode.overlapDetection misses the JDK-8263436 fix again

Reviewed-by: ascarpino

-

PR: https://git.openjdk.java.net/jdk17/pull/124


Integrated: 8269216: Useless initialization in com/sun/crypto/provider/PBES2Parameters.java

2021-06-24 Thread Aleksey Shipilev
On Wed, 23 Jun 2021 07:38:37 GMT, Aleksey Shipilev wrote:

> SonarCloud reports:
> "Remove or correct this useless self-assignment."
> 
> 
>     if (cipherAlgo.equals("AES")) {
>         this.keysize = keysize; // < here
>         switch (keysize) {
>         case 128:
>             cipherAlgo_OID = aes128CBC_OID;
> 
> 
> Seems to be here since initial addition in JDK-6383200.
> 
> Additional testing:
>  - [x] `jdk_security` pass

This pull request has now been integrated.

Changeset: e515873f
Author:    Aleksey Shipilev
URL:       https://git.openjdk.java.net/jdk/commit/e515873f887ce4071ab4878a4bafca8eea67afea
Stats: 1 line in 1 file changed: 0 ins; 1 del; 0 mod

8269216: Useless initialization in com/sun/crypto/provider/PBES2Parameters.java

Reviewed-by: valeriep

-

PR: https://git.openjdk.java.net/jdk/pull/4570


Re: Authorization layer API and low level access checks.

2021-06-24 Thread Peter Firmstone

Thanks Remi,

We're still building on 8, for CORBA-IIOP stubs, but will look into this 
when we've found an alternative IIOP stub compiler.


--
Regards,
 
Peter


On 23/06/2021 8:02 pm, Remi Forax wrote:

- Original Message -

From: "Andrew Dinn"
To: "Peter Firmstone", "discuss"
Cc: "security-dev"
Sent: Wednesday, 23 June 2021 11:19:42
Subject: Re: Authorization layer API and low level access checks.

Hi Peter,

On 23/06/2021 04:02, Peter Firmstone wrote:

  1. StackWalker - Can stack walker be back ported to Java 8?

The right place to ask about this is the jdk8u updates project list.
However, you probably don't need to ask there because the answer is
almost certainly going to be a very loud no.

JDK8u is in long term maintenance mode. The goal of the updates project
for that release is to fix security issues and critical bugs *and
nothing else* so that existing deployments remain stable as far as
possible. Except when required to meet those goals backporting of new
functionality is done only under exceptional circumstances.

The only recent examples of new function backports that I am aware of
have involved merging up functionality from downstream releases in order
to 1) unify the platform and 2) enable downstream contributors to help
to maintain a single, standard release i.e. highly exceptional cases
where there was a problem for existing users. Your request, by contrast,
is exactly the sort of case that maintainers are trying to avoid -- it
will introduce change with no gain and the potential of breakage for the
vast majority of users.

If you want to deal with deployments pre and post removal of the
Authorization support that you currently rely on I suggest you consider
doing that by using a multi-release implementation and package it using
the multi-release jar format. If you don't like the idea of
multi-release jars you can still implement a standard jar format
solution using a provider model. However, you will still need to build
the alternative provider jars using the relevant JDK releases so that
different providers can rely on different JDK capabilities.

Technically, you may not need several JDKs because you can ask javac to behave as if it 
was compiling like a previous JDK using the option "--release" (this option is 
also available with Maven and Gradle).
I believe that compiling as the release 8 will be supported up to Java 23.


regards,


Andrew Dinn
---
Red Hat Distinguished Engineer
Red Hat UK Ltd
Registered in England and Wales under Company Registration No. 03798903
Directors: Michael Cunningham, Michael ("Mike") O'Neill

regards,
Rémi
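
An added example, not part of the thread or any poster's code: a shell script that builds the multi-release jar suggested above, using the `--release` option so a single JDK compiles both variants. The `demo.*` classes, file names and directory layout are hypothetical, the Java 8 variant's use of `SecurityManager.getClassContext()` is this example's own choice, and it assumes a JDK 9 or later whose javac still accepts `--release 8`.

```shell
#!/bin/sh
# Added example: one JDK, two API levels, one multi-release jar.
# All names (demo.*, caller-demo.jar, src8/src9) are hypothetical.
write_sources() {   # $1 = work dir
  mkdir -p "$1/src8/demo" "$1/src9/demo"
  cat > "$1/src8/demo/CallerLookup.java" <<'EOF'
package demo;
public final class CallerLookup {          // base variant, Java 8 API only
  private static final class Ctx extends SecurityManager {
    Class<?>[] stack() { return getClassContext(); }
  }
  public static String impl() { return "getClassContext"; }
  // [0]=Ctx, [1]=CallerLookup, [2]=the class that called caller()
  public static Class<?> caller() { return new Ctx().stack()[2]; }
}
EOF
  cat > "$1/src9/demo/CallerLookup.java" <<'EOF'
package demo;
public final class CallerLookup {          // Java 9+ variant, same public API
  private static final StackWalker W =
      StackWalker.getInstance(StackWalker.Option.RETAIN_CLASS_REFERENCE);
  public static String impl() { return "StackWalker"; }
  public static Class<?> caller() { return W.getCallerClass(); }
}
EOF
  cat > "$1/src8/demo/Main.java" <<'EOF'
package demo;
public class Main {
  public static void main(String[] args) {
    System.out.println(CallerLookup.impl() + " " + CallerLookup.caller().getName());
  }
}
EOF
}

build_mrjar() {     # $1 = work dir; assumes JDK 9+ that accepts --release 8
  ( cd "$1" &&
    mkdir -p out/base out/v9 &&
    # Base classes are checked against the Java 8 API, not the running JDK's.
    javac --release 8 -d out/base src8/demo/*.java &&
    javac --release 9 -d out/v9 -cp out/base src9/demo/CallerLookup.java &&
    # Files after "--release 9" land under META-INF/versions/9/.
    jar --create --file caller-demo.jar --main-class demo.Main \
        -C out/base . --release 9 -C out/v9 . )
}
```

Run with `java -jar caller-demo.jar`, the jar prints `getClassContext demo.Main` on Java 8 and `StackWalker demo.Main` on Java 9 or later, because older runtimes ignore `META-INF/versions`.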