On Wed, 24 Jun 2026 10:13:09 GMT, Viktor Klang <[email protected]> wrote:

>> src/java.base/share/classes/java/lang/System.java line 502:
>> 
>>> 500:      *          private fields that might otherwise be hidden by an 
>>> identity object.
>>> 501:      *          Developers should be cautious about storing sensitive 
>>> secrets in value object fields.
>>> 502:      *      </div>
>> 
>> It's not clear what kind of information gets exposed and what kind of 
>> caution a developer should exercise when storing sensitive information in 
>> fields of value classes. I think from an application developer point of 
>> view, this text in its current form raises unanswered questions than being a 
>> helpful guidance on what the application developer should do.
>
> I agree with Jai. Furthermore, I think it needs explain what things are 
> exposed and in what way they can be discovered.

I've created https://bugs.openjdk.org/browse/JDK-8388069 to track this.

-------------

PR Review Comment: https://git.openjdk.org/jdk/pull/31123#discussion_r3558096976

Reply via email to