On Tue, 11 Mar 2025 17:30:54 GMT, Kevin Driver <kdri...@openjdk.org> wrote:
>> JDK-8341775: In the case where there is a *single* META-INF directory but
>> potentially *multiple* manifest files of different cases, print a warning
>> before selecting the first one and ignoring the rest (the current behavior
>> should be maintained).
>
> Kevin Driver has updated the pull request incrementally with one additional
> commit since the last revision:
>
> review comments
src/jdk.jartool/share/classes/sun/security/tools/jarsigner/Main.java line 1993:
> 1991: hasMultipleManifests = true;
> 1992: }
> 1993: }
Can we put everything above in a try-with-resources block?
Also, are you sure we only print out this warning when `verbose != null`?
src/jdk.jartool/share/classes/sun/security/tools/jarsigner/Resources.java line
160:
> 158: {"jar.treated.unsigned.see.weak.verbose",
> 159: "WARNING: The jar will be treated as unsigned, because
> it is signed with a weak algorithm that is now disabled by the security
> property:"},
> 160: {"multiple.manifest.warning.", "Duplicate manifest entries were
> detected in the jar file. JarSigner will operate on the first one found and
> others will be discarded."},
I actually don't know which one will be operated on. If you are sure it is the
first one, can you add some lines in the test to check this?
-------------
PR Review Comment: https://git.openjdk.org/jdk/pull/22222#discussion_r1990173274
PR Review Comment: https://git.openjdk.org/jdk/pull/22222#discussion_r1990174513
