On Wed, 27 Jul 2022 20:24:19 GMT, Mark Powers <mpow...@openjdk.org> wrote:
> https://bugs.openjdk.org/browse/JDK-8290975 src/java.base/share/classes/javax/security/auth/PrivateCredentialPermission.java line 130: > 128: * @serial > 129: */ > 130: private final boolean testing = false; This should really use java.security.debug so this tracing can be enabled at runtime, but that's probably more of a separate fix - feel free to file a separate issue. src/java.base/share/classes/javax/security/auth/Subject.java line 28: > 26: package javax.security.auth; > 27: > 28: import sun.security.util.ResourcesMgr; I suggest putting the internal imports below the java.* or other standard imports. This isn't a rule, but is more consistent with other code. src/java.base/share/classes/javax/security/auth/Subject.java line 854: > 852: * > 853: * <p> If a security manager is installed, the caller must have a > 854: * {@link PrivateCredentialPermission} to access all the requested Hmm. I think the previous text was more correct/readable. src/java.base/share/classes/javax/security/auth/callback/NameCallback.java line 45: > 43: * @since 1.4 > 44: */ > 45: private final String prompt; I think you can also mark `defaultName` final. src/java.base/share/classes/javax/security/auth/callback/TextInputCallback.java line 46: > 44: * @since 1.4 > 45: */ > 46: private final String prompt; I think you can also mark `defaultText` final. src/java.base/share/classes/javax/security/auth/x500/X500Principal.java line 94: > 92: * NOTE: The constructor is package private. It is intended to be > accessed > 93: * using privileged reflection from classes in sun.security.*. > 94: * Currently, referenced from > sun.security.x509.X500Name.asX500Principal(). Change to "Currently, it is referenced from ..." ------------- PR: https://git.openjdk.org/jdk/pull/9664
