Greg, I have not been following this closely, so apologies for some basic questions.
Has the SecurityManager been fully removed in JDK 23? What is the effect of running Kafka 3.9.0 with JDK 23? By "4.0 breaking changes" do you mean changes to our JDK/Scala supported versions, removal or ZK, Kafka API changes, or something else? In general, I do not think we should change our supported JDK versions in a hotfix release. I see https://issues.apache.org/jira/browse/KAFKA-17638 which explicitly adds JDK 23 to our CI with a fix version of 4.0.0. Lack of support for JDK 23 in 3.9.x is not a bug, it is what we planned (as far as I can tell). Also, I feel that we should not add too much to 3.9.x aside from actual bugs. If we backport things into 3.9.x, it will slow adoption of 4.x and increase our maintenance burden over time. Just my $0.02 Thanks! David A On Wed, Nov 20, 2024 at 12:22 PM Greg Harris <greg.har...@aiven.io.invalid> wrote: > Hi all, > > Now that 3.9.0 is released and 4.0.x is progressing, I'd like to understand > everyone's expectations about the 3.9.x branch, and ask for a specific > consensus on Java 23 support. > > Some context that I think is relevant to the discussion: > * KIP-1006 [1] proposes a backwards-compatible strategy for handling the > ongoing removal of the SecurityManager, which is merged and due to release > in 4.0.0 [2]. > * KIP-1012 [3] rejected ongoing parallel feature development on a 3.x > branch while having trunk on 4.x. > * During the 3.9.0 release, the patch [2] was rejected [4] due to being a > new feature which did not meet the feature freeze deadline. > * Other than the SecurityManager removal, there are additional PRs which > would also need to be backported for full Java 23 support [5] including a > Scala patch upgrade. > * Downstream users are asking for a backport [6] because adding support for > Java 23 would obligate them to also include the 4.0 breaking changes. > > So while adding Java version support in the past has been a KIP-less > feature and normally only appears in the next version, it happens to align > with a major version bump this time. This will cause additional pain for > users if we do not elect to backport this. > > Thanks, > Greg > > [1] > > https://cwiki.apache.org/confluence/display/KAFKA/KIP-1006%3A+Remove+SecurityManager+Support > [2] https://github.com/apache/kafka/pull/16522 > [3] > > https://cwiki.apache.org/confluence/display/KAFKA/KIP-1012%3A+The+need+for+a+Kafka+3.8+and+3.9+release > [4] https://lists.apache.org/thread/xy5rwd1w274qgpwf3qxxnzlqpoly5d4p > [5] https://issues.apache.org/jira/browse/KAFKA-17638 > [6] https://github.com/apache/kafka/pull/16522#issuecomment-2488340682 > -- David Arthur
