Re: [PR] Mark AccessControlContext, AccessController, and SecurityManager as forbidden [solr]

2024-08-21 Thread via GitHub
iamsanjay closed pull request #2634: Mark AccessControlContext, AccessController, and SecurityManager as forbidden URL: https://github.com/apache/solr/pull/2634 -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL abov

Re: [PR] Mark AccessControlContext, AccessController, and SecurityManager as forbidden [solr]

2024-08-15 Thread via GitHub
iamsanjay commented on PR #2634: URL: https://github.com/apache/solr/pull/2634#issuecomment-2291509006 We’ll drop this one for now and revisit it when we're about to upgrade. Thanks for your help @uschindler, and also for clearing up the confusion about the `DocumentObjectBinder`. Appreciat

Re: [PR] Mark AccessControlContext, AccessController, and SecurityManager as forbidden [solr]

2024-08-15 Thread via GitHub
uschindler commented on PR #2634: URL: https://github.com/apache/solr/pull/2634#issuecomment-2291460770 > I'll share my thought process on how I used forbidden APIs. Initially, I added entries to the config files while we were still using Java 11. Once we move to Java 21, there will be no n

Re: [PR] Mark AccessControlContext, AccessController, and SecurityManager as forbidden [solr]

2024-08-15 Thread via GitHub
uschindler commented on PR #2634: URL: https://github.com/apache/solr/pull/2634#issuecomment-2291438971 Hi, in my opinion the whole thing is not needed at all. On the day when you switch to Java 17 or 21 as minimum version you get the forbiddenwarnings automatically (by both forbiddenapi

Re: [PR] Mark AccessControlContext, AccessController, and SecurityManager as forbidden [solr]

2024-08-15 Thread via GitHub
iamsanjay commented on PR #2634: URL: https://github.com/apache/solr/pull/2634#issuecomment-2291197986 I'll share my thought process on how I used forbidden APIs. Initially, I added entries to the config files while we were still using Java 11. Once we move to Java 21, there will be no need

Re: [PR] Mark AccessControlContext, AccessController, and SecurityManager as forbidden [solr]

2024-08-14 Thread via GitHub
dsmiley commented on PR #2634: URL: https://github.com/apache/solr/pull/2634#issuecomment-2289390135 @uschindler I'm a little unclear on how a project should juggle Java warnings & forbiddenapis. I might argue that if javac is going to give a warning, then wouldn't updating forbiddenapis c

Re: [PR] Mark AccessControlContext, AccessController, and SecurityManager as forbidden [solr]

2024-08-10 Thread via GitHub
iamsanjay commented on PR #2634: URL: https://github.com/apache/solr/pull/2634#issuecomment-2282637826 For some reason, forbiddenApis didn't flag DocumentObjectBinder from solrj, even though it uses AccessController. -- This is an automated message from the Apache Git Service. To respond

[PR] Mark AccessControlContext, AccessController, and SecurityManager as forbidden [solr]

2024-08-10 Thread via GitHub
iamsanjay opened a new pull request, #2634: URL: https://github.com/apache/solr/pull/2634 https://issues.apache.org/jira/browse/SOLR-17321 Updated code to mark `SecurityManager`, `AccessControlContext`, and `SecurityManager` as forbidden to align with the upcoming Java version.