On Mon, 19 Jan 2026 11:25:41 GMT, Kieran Farrell <[email protected]> wrote:
>> The goal of this PR is to add a means of exposing security properties at
>> runtime to aid the debugging security related issues/misconfigurations etc.
>> Currently, only initial security properties set at start up can be exposed
>> via the `InitialSecurityProperty` JFR event.
>>
>> This patch introduces a new jcmd diagnostic command `VM.properties`, which
>> enables developers to print either the current system properties or security
>> properties of a running Java process via command-line arguments (-system or
>> -security). To avoid clutter within the jcmd command list, the old
>> `VM.system_properties` command is hidden, but not removed so will not break
>> existing usages. The implementation of each is shared to reduce duplication.
>
> Kieran Farrell has updated the pull request incrementally with one additional
> commit since the last revision:
>
> add test
src/java.base/share/classes/java/security/Security.java line 335:
> 333: @Override
> 334: public Properties getCurrentProperties() {
> 335: return (Properties) props.clone();
It seems you can avoid this clone (and thereby not locking the `Properties`
object) since the caller creates a new `Properties` object to store them in.
Same pattern as the system properties.
-------------
PR Review Comment: https://git.openjdk.org/jdk/pull/29124#discussion_r2818879624
