Re: [jakartaee-spec-project-leads] [jakarta.ee-wg] [External] : [jakarta

[Reza Rahman <reza_rahman@xxxxxxxx>]

OK. So, it sounds like Will is absolutely right in re-surfacing this conversation for EE 12.

On 1/14/2025 9:15 AM, Arjan Tijms wrote:

Hi,

It was platform wide, but not done comprehensively. Some teams forgot about it, and then refused to do it for Jakarta EE 11 still (using a service release). The reason for refusal was almost always that they didn't see value in removing the security manager for Jakarta EE 11.

See e.g. https://github.com/jakartaee/cdi/issues/831

Kind regards,

Arjan Tijms

On Mon, 13 Jan 2025 at 22:58, Reza Rahman via jakarta.ee-wg <jakarta.ee-wg@xxxxxxxxxxx> wrote:

Ed,

Do you know to what extent the Security Manager dependency removal work was done in EE 11? I know at least some work was done, but was it really platform wide, comprehensive, and consistent across specifications?

Thanks,

Reza

On 1/13/2025 4:50 PM, Will Lyons wrote:

All –

 

I don’t know if this topic has been covered so capturing it here.

 

If Jakarta EE 12 will be supported on Java 21 and Java 25, we will need to review the implications of features that are likely to be removed, including the following:

JEP 486: Permanently Disable the Security Manager

https://openjdk.org/jeps/486

https://inside.java/2024/12/11/quality-heads-up/

 

My understanding is that some Jakarta EE specifications have a dependency on Java Security Manager, especially Connector.   The implications of this removal, and the alternative actions in response, should be identified.

 

Thanks

 

Will

 

From: jakarta.ee-spec <jakarta.ee-spec-bounces@xxxxxxxxxxx> on behalf of Reza Rahman via jakarta.ee-spec <jakarta.ee-spec@xxxxxxxxxxx>
Date: Tuesday, October 22, 2024 at 5:31 AM
To: jakarta.ee-spec@xxxxxxxxxxx <jakarta.ee-spec@xxxxxxxxxxx>, jakartaee-platform developer discussions <jakartaee-platform-dev@xxxxxxxxxxx>
Cc: Reza Rahman <reza_rahman@xxxxxxxx>, jakarta.ee-wg@xxxxxxxxxxx <jakarta.ee-wg@xxxxxxxxxxx>, JakartaEE Spec Project Leadership discussions <jakartaee-spec-project-leads@xxxxxxxxxxx>
Subject: [External] : [jakarta.ee-spec] Defining Jakarta EE 12 Scope in Program Plan

Hi folks,

I would like to see if we can define clear, compelling, and specific
scope for Jakarta EE 12 as part of the Steering Committee Program Plan:
https://urldefense.com/v3/__https://docs.google.com/presentation/d/1xUNDHMP_qTHH1wA3m0yCmWVf_sHp41Qd7Opq3FhgINs/edit?usp=sharing__;!!ACWV5N9M2RV99hQ!JRyWXHKEIqZVVomnYLlS0QyUtsJEoWg8IRbVnLEaSORXIZEDGC7g2LKdj0UEv5FUv236NQVnUAlM3c_VR54pIbg1yb5z$ .
I believe this is of critical importance at this juncture. If I did not
think so, I would not bother trying. I have detailed all the rationale
here:
https://urldefense.com/v3/__https://docs.google.com/document/d/1U2qEqF9K969t5b3YuX4cwex5LJPvF3bt1w27cdKNpDM/edit?usp=sharing__;!!ACWV5N9M2RV99hQ!JRyWXHKEIqZVVomnYLlS0QyUtsJEoWg8IRbVnLEaSORXIZEDGC7g2LKdj0UEv5FUv236NQVnUAlM3c_VR54pIW1VfRhW$ .
For those that recall, something very similar was done for Jakarta EE
11, so this isn't exactly without precedent.

I would like to see if this can be done in the following couple of
weeks, when the Program Plan is due.

Thanks,

Reza

_______________________________________________
jakarta.ee-spec mailing list
jakarta.ee-spec@xxxxxxxxxxx
To unsubscribe from this list, visit https://urldefense.com/v3/__https://www.eclipse.org/mailman/listinfo/jakarta.ee-spec__;!!ACWV5N9M2RV99hQ!JRyWXHKEIqZVVomnYLlS0QyUtsJEoWg8IRbVnLEaSORXIZEDGC7g2LKdj0UEv5FUv236NQVnUAlM3c_VR54pIbNA_FIw$

_______________________________________________
jakarta.ee-wg mailing list
jakarta.ee-wg@xxxxxxxxxxx
To unsubscribe from this list, visit https://www.eclipse.org/mailman/listinfo/jakarta.ee-wg