David, I've added the 23-ea and 24-ea versions to most of the Apache Commons builds on GitHub CI. This has revealed that some third-party tooling does not support those versions yet.
We do have some old issues with conversions of date/times but I'm not sure if this makes it worse or better yet. Gary On Mon, Jul 22, 2024 at 1:29 AM David Delabassee <david.delabas...@oracle.com.invalid> wrote: > > Welcome to the OpenJDK Quality Outreach summer update. > > JDK 23 is now in Rampdown Phase Two [1], its overall feature has been frozen > a few weeks ago. Per the JDK Release Process, we have now turned our focus to > P1 and P2 bugs, which can be fixed with approval [2]. Late enhancements are > still possible, with approval, but the bar is now extraordinarily high. That > also means that the JDK 23 Initial Release Candidates are fast approaching, > i.e., August 8th [3]! So, and in addition to testing your projects with the > latest JDK 23 early-access builds, it is now a good time to start testing > with the JDK 24 early-access builds. > > Make sure to also check the heads-up below as some are related to JDK 23 and > might have some impact, i.e., the first one being related to the eventual > removal of the Security Manager and the second one discusses the removal of > the legacy COMPAT locale provider. > > [1] https://mail.openjdk.org/pipermail/jdk-dev/2024-July/009252.html > [2] https://openjdk.org/jeps/3#rdp-2 > [3] https://openjdk.org/projects/jdk/23/ > > > ## Heads-up - JDK 23: Subject.getSubject API Requires Allowing the Security > Manager > > In JDK 17 and as announced in JEP 411 [4], the Security Manager was > deprecated for removal. As part of that change, several Security Manager > APIs, such as `AccessControlContext`, were deprecated for removal. The > `Subject::doAs` and `Subject::getSubject` APIs depend on Security Manager > related APIs even though they do not require Security Manager to be installed > to use them. > > As of JDK 23 [5], to help applications prepare for the eventual removal of > the Security Manager, subject authorization and the Subject APIs' behavior > depend on allowing the Security Manager: > - If the system property `java.security.manager` is set on the command line > to the empty string, a class name, or the value `allow` then there is no > behavior change compared to previous releases. > - If the system property `java.security.manager` is not set on the command > line or has been set on the command line to the value `disallow`, invoking > the `Subject.getSubject` method will throw `UnsupportedOperationException`. > > Yet, running an application with `-Djava.security.manager=allow` is a > temporary workaround to keep older code working. Maintainers of code using > `Subject.doAs` and `Subject.getSubject` are strongly encouraged to migrate it > with utmost priority to the replacement APIs, `Subject.callAs` and > `Subject.current`. Make sure to check [5] and [6] for additional details. > > The jdeprscan tool [7] scans a JAR file for usage of deprecated API elements > and is helpful to find code using these methods. Additionally, consider > migrating as soon as possible code that stores a `Subject` in an > `AccessControlContext` and invokes `AccessController.doPrivileged` with that > context. Such code will stop working when the Security Manager is removed. > > [4] https://openjdk.org/jeps/411 > [5] https://jdk.java.net/23/release-notes#b15 > [6] https://inside.java/2024/07/08/quality-heads-up/ > [7] https://dev.java/learn/jvm/tools/core/jdeprscan/ > > > ## Heads-up - JDK 23: Unicode / Removal of COMPAT Locale Provider > > ### A Quick History of Locale Data in the JDK > > Before the Unicode Consortium created the Common Locale Data Repository > (CLDR) in 2003 to manage locale data, the JDK had to provide its own > collection. It did so successfully and in JDK 8 supported about 160 locales. > To reduce maintenance effort, allow better interoperability between > platforms, and improve locale data quality, the JDK started to move towards > CLDR in 2014: > - JDK 8 comes with two locale data providers, which can be selected with the > system property java.locale.providers: > . JRE/COMPAT for the JDK’s legacy data collection (default) > . CLDR for the CLDR data > . a custom locale provider can be implemented > - JDK 9 picks CLDR by default > - JDK 21 issues a warning on JRE/COMPAT > > There are plenty of minor and a few notable differences between the legacy > data and CLDR - the recently rewritten JEP 252 [8] lists a few of them. > > ### Locale Data in JDK 23 > > JDK 23 [9] removes legacy locale data. As a consequence, setting > java.locale.providers to JRE or COMPAT has no effect. > > Projects that are still using legacy locale data are highly encouraged to > switch to CLDR as soon as possible. Where that is infeasible, two > alternatives remain: > - Create custom formatters with patterns that mimic the legacy behavior and > use them everywhere where locale-sensitive data is written or parsed. > - Implement a custom locale data provider [10]. > > For more details on that as well as on CLDR in the JDK in general, please > check JEP 252 [8] that has been recently rewritten to provide better > information and guidance. > > [8] https://openjdk.org/jeps/252 > [9] https://bugs.openjdk.org/browse/JDK-8325568 > [10] > https://docs.oracle.com/en/java/javase/22/docs/api/java.base/java/util/spi/LocaleServiceProvider.html > > > ## Heads-up - JDK 23: Initial Leyden Early-Access Builds > > Project Leyden published its first early-access builds (24-leyden+2-8 > 2024/6/20) [11]. The initial release is focused on improving Java > applications start-up time, but other Leyden optimizations will be explored > in future releases. > > Below are some of the highlights of these Leyden EA builds: > - Ahead-of-time compilation of Java methods to natively execute them as soon > as the application starts up in the production run; > - Ahead-of-time resolution of constant pool entries allows the AOT compiler > to generate better code and for your application to start faster; > - Ahead-of-time generation of Dynamic Proxies and reflection data as > frameworks use those extensively during start-up time; > - A unified Cache Data Store (CDS) archive to simplify the creation of the > CDS archive, while supporting multiple types of optimization artifacts; > - Loaded Classes in the CDS archive as soon the application starts up; > - Class loader lookup cache to help application frameworks perform repeated > lookups without repeatedly scanning the classpath; > - Archived Method Profiles to reach Java application peak performance faster. > > The easiest way to start with Leyden features is by using the java program in > the Leyden Early Access Release with the -XX:CacheDataStore flag. More > details of this Leyden EA Build can be found in the release notes [12]. > > [11] https://jdk.java.net/leyden/ > [12] https://github.com/openjdk/leyden/blob/leyden-ea1-release-notes/README.md > > > ## JDK 23 Early-Access Builds > > The JDK 23 early-access builds 32 are available [13], and are provided under > the GNU General Public License v2, with the Classpath Exception. The Release > Notes are available here [14] and the Javadoc here [15]. > > [13] https://jdk.java.net/23/ > [14] https://jdk.java.net/23/release-notes > [15] https://download.java.net/java/early_access/jdk23/docs/api/ > > > ## JDK 24 Early-Access Builds > > The JDK 24 early-access builds 7 are available [16], and are provided under > the GNU General Public License v2, with the Classpath Exception. The Release > Notes are available here [17]. > > ### Changes in recent JDK 24 builds that may be of interest: > - JDK-8334299: Deprecate LockingMode option, along with LM_LEGACY and > LM_MONITOR > - JDK-8330846: Add stacks of mounted virtual threads to the HotSpot thread … > - JDK-8333649: Allow different NativeCall encodings > - JDK-8333755: NumberFormat integer only parsing breaks when format has suffix > - JDK-8330842: Support AES CBC with Ciphertext Stealing (CTS) in SunPKCS11 > - JDK-8327793: Deprecate jstatd for removal > - JDK-8248981: Specify list of standard message digest and mgf algorithms for > RSASSA-PSS signature > - JDK-8334580: Deprecate no-arg constructor BasicSliderUI() for removal > - JDK-8320448: Accelerate IndexOf using AVX2 > - JDK-8333749: Consolidate ConstantDesc conversion in java.base > - JDK-8329141: Obsolete RTM flags and code > - JDK-8330198: Add some class loading related perf counters to measure VM > startup > - JDK-8330699: Obsolete -XX:+UseEmptySlotsInSupers > - JDK-8334734: Remove specialized readXxxEntry methods from ClassReader > > This is only a curated list, a complete list of changes can be found here > [18]. > > [16] https://jdk.java.net/24/ > [17] https://jdk.java.net/24/release-notes > [18] https://github.com/openjdk/jdk/compare/jdk-24+0...jdk-24+7 > > > ## Topics of Interest > > - Integrity by Default - Inside Java Newscast > https://inside.java/2024/07/18/newscast-73/ > > - Java and AI? - Inside Java Newscast > https://inside.java/2024/07/04/newscast-72/ > > - What Happened to String Templates? - Inside Java Newscast > https://inside.java/2024/06/20/newscast-71/ > > - Java Language Futures - Spring 2024 Edition > https://inside.java/2024/07/01/java-language-futures/ > > - Project Loom - Structured Concurrency > https://inside.java/2024/07/13/structured-concurrency/ > > - How to Build Custom Java Runtimes with Jlink > https://inside.java/2024/06/21/build-runtimes-with-jlink/ > > > ## July 2024 Critical Patch Update Released > > As part of the July 2024 CPU, Oracle released OpenJDK 22.0.2, JavaFX 22.0.2, > JDK 22.0.2, JDK 21.0.4 LTS, JDK 17.0.12 LTS, JDK 11.0.24 LTS, JDK 8u421 as as > well as JDK 8u421-perf. > > ~ > > > We still have a few days before JDK 23 enters into the Release Candidate > phase so please make sure to test your projects on the latest early-access > builds and report any issue… but that shouldn't be a reason to not enjoy the > summer and recharge your batteries! 😎 > > --David --------------------------------------------------------------------- To unsubscribe, e-mail: dev-unsubscr...@commons.apache.org For additional commands, e-mail: dev-h...@commons.apache.org
