On Thu, 7 May 2026 17:14:34 GMT, Weijun Wang <[email protected]> wrote:
>> Mikhail Yankelevich has updated the pull request incrementally with one
>> additional commit since the last revision:
>>
>> comments
>
> src/java.base/share/classes/java/security/cert/X509Certificate.java line 133:
>
>> 131: * The validity period consists of two time values:
>> 132: * the first and last times on which the certificate is valid.
>> 133: * It is defined in
>
> In RFC 5280, it's
>
> Validity ::= SEQUENCE {
> notBefore Time,
> notAfter Time }
>
> Time ::= CHOICE {
> utcTime UTCTime,
> generalTime GeneralizedTime }
Changed here and removed from `getNotBefore()` as it reference this doc anyway
> src/java.base/share/classes/java/security/cert/X509Certificate.java line 402:
>
>> 400: * The {@code Date} returned by {@code getNotAfter()} should not be
>> null.
>> 401: *
>> 402: * @throws NullPointerException when {@code getNotAfter()} returns
>> null.
>
> Calling `getNotAfter` is an implementation detail and should not appear in a
> general `@throws` line. My current opinion is that this should be described
> in the `@implSpec`. So remove this `@throws` and change the last line of
> `@implSpec` to something like `If {@code getNotAfter()} returns {@code null},
> this method throws a {@code NullPointerException}`. The existing "should not
> be null" could be confusing.
>
> And, append `(never {@code null})` to the `@return` line.
>
> Same with the `getNotBefore` method.
Changed in the next commit
-------------
PR Review Comment: https://git.openjdk.org/jdk/pull/30047#discussion_r3207930032
PR Review Comment: https://git.openjdk.org/jdk/pull/30047#discussion_r3207934875
