Hi Rick, Here's a few thoughts about ways we could possibly improve the DERBY-6945 release note:
1) In the derbyshared.jar section, we could point out that derbyrun.jar now includes derbyshared.jar automatically, so if you use derbyrun.jar for your CLASSPATH, no changes are needed for derbyshard.jar (at least, that seems to be my experience). 2) I think we could make the security policy section of the release note more explicit. I suspect this is actually likely to be the trickiest part of the upgrade for existing Derby users, and the current release note doesn't really walk them through the important parts of the changes. Would it be fair to say something like: The principal changes to the security configuration are as follows: (1) the new derbyshared.jar codebase needs the appropriate permissions, as described in the Security guide (2) The package names and class names have changed from Derby 10.14, so existing policy files need to adjust the lines which mention Derby package and class names, as described in the Security guide, and (3) if you are running with a MODULEPATH, rather than a CLASSPATH, the jdk.module.path permissions must be in place, as described in the Secuirty guide. 3) And do they really need to review the entire Security guide? Or do they just have to look at db-derby-10.15.1.0-bin/docs/html/security/csecjavasecurity.html ? If that's the only really affected area, perhaps we could make the release note hyperlink go directly to that section in the Security guide, rather than to the top-level table of contents for the entire Security guide, which is a bit overwhelming. :) thanks, bryan
