On Thu, 9 Apr 2026 07:25:13 GMT, Alan Bateman <[email protected]> wrote:
>> This is a new jlink plugin which allows the user to specify values of >> security properties it wants to override in the `java.security` >> configuration file in a custom runtime image. This enhancement, along with >> [the `cacerts` jlink plugin](https://github.com/openjdk/jdk/pull/29700) >> allow users to more easily create runtimes that address the specific >> security requirements of their applications. >> >> The command-line syntax takes a file containing properties that the user >> wants to override. >> >> For example: >> >> >> jlink --security-properties props.security >> >> >> where `props.security` is a file containing one more more properties in the >> `java.security` file syntax. > > src/jdk.jlink/share/man/jlink.md line 241: > >> 239: >> 240: Options >> 241: : `--security-properties=*filename*` > > I think the approach to use the contents as overrides is good. I'm just > wondering if `--security-properties` is the best name as it initially looked > like this sets the security properties when it's really more like an > overlay/patch to override the values of existing properties, or add new > properties, if you see what I mean. I think with the suggested improved description by @jerboaa it will be more clear and we don't necessarily need to change the option name. ------------- PR Review Comment: https://git.openjdk.org/jdk/pull/30635#discussion_r3059236296
