Today if you call "jarsigner -altsigner", it works but shows a warning:
This option is deprecated: -altsigner I think we have several solutions now: 1. Remove the options. The deprecated classes become useless. 2. Keep the options and update the deprecated classes to work with new signature algorithms. The update will likely to be 2 new methods and deprecating one existing. Anyway, we will add a forRemoval=true to the classes. Of course, if we can remove all of them, that will be very clean. I'll write a mail asking Joe and Stuart tomorrow. It's 11pm here. --Max > On Apr 11, 2020, at 10:56 PM, Alan Bateman <alan.bate...@oracle.com> wrote: > > On 11/04/2020 15:41, Weijun Wang wrote: >> The options were already deprecated long ago: >> >> $ $J14/bin/jarsigner >> Usage: jarsigner [options] jar-file alias >> jarsigner -verify [options] jar-file [alias...] >> ... >> >> [-altsigner <class>] class name of an alternative signing mechanism >> (This option has been deprecated.) >> >> [-altsignerpath <pathlist>] location of an alternative signing mechanism >> (This option has been deprecated.) >> ... >> >> and they are listed in a "Deprecated Options" section in the tooldoc with >> "might be removed in a future JDK release". >> >> The only problem is I forgot to add a forRemoval=true argument to the >> @Deprecated annotation of the classes. >> > I think the next step is to terminally deprecate the API, this means adding > forRemoval=true to create awareness at compile-time. You can then remove in > some future release. You can use the opportunity to add a warning to the > jarsigner tool so that someone using these options gets a warning and knows > it will be removed in the future (they might not see deprecation notice in > the usage/help output). > > -Alan
