-
Notifications
You must be signed in to change notification settings - Fork 100
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Java 11 Compatibility #406
Conversation
- finalized (class) variables where possible - fixed types to remove compilation warnings - fixed use of deprecated methods other changes that might possibly break things: - all declarations of Resource/Trackable interfaces are now package-private
…cess() honestly i don't know if anyone uses ringo with security policies, so this coud possibly be removed as well. for now it at least compiles with java 11
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
I don't think that RingoSecurityManager
is in use, but security managers in general have been used to sandbox Ringo in a shared hosting platform in the past.
while (true) { | ||
do { | ||
String line = reader.readLine(); | ||
if (line == null) { | ||
// reached EOF | ||
break outer; | ||
} | ||
source = source + line + "\n"; | ||
lineno++; | ||
if (cx.stringIsCompilableUnit(source)) | ||
break; | ||
} | ||
} while (!cx.stringIsCompilableUnit(source)); |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Oh, thanks for spotting a while (true)
👍
runnerInstance = runnerClass.newInstance(); | ||
runnerInstance = runnerClass.getDeclaredConstructor().newInstance(); |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
For the record: calling newInstance()
has been deprecated in Java 11: "This method propagates any exception thrown by the nullary constructor, including a checked exception. Use of this method effectively bypasses the compile-time exception checking that would otherwise be performed by the compiler. The Constructor.newInstance method avoids this problem by wrapping any exception thrown by the constructor in a (checked) InvocationTargetException."
int languageVersion = Context.VERSION_ES6; | ||
int languageVersion; |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Makes sense since it will be overwritten anyways in the constructor.
/** | ||
* Override to decide on top-most application script class instead of java class. | ||
* This is currently not as useful as it should be because of Rhino's caching of | ||
* reflection meta-data. Because of this, classes that have already been used | ||
* by trusted code are accessible to untrusted code as well. | ||
* @param clazz the class that reflection is to be performed on. | ||
* @param which type of access, PUBLIC or DECLARED. | ||
* @exception SecurityException if the caller does not have | ||
* permission to access members. | ||
* @exception NullPointerException if the <code>clazz</code> argument is | ||
* <code>null</code>. | ||
*/ | ||
@Override | ||
public void checkMemberAccess(final Class<?> clazz, int which) { | ||
if (clazz == null) { | ||
throw new NullPointerException("class can't be null"); | ||
} | ||
if (clazz.getClassLoader() == null) { | ||
return; | ||
} | ||
final Class c = getCurrentScriptClass(); | ||
if (c != null && clazz.getClassLoader() == c.getClassLoader()) { | ||
return; | ||
} | ||
Boolean allowed = AccessController.doPrivileged(new PrivilegedAction<Boolean>() { | ||
public Boolean run() { | ||
ProtectionDomain pd = c == null ? null : c.getProtectionDomain(); | ||
return pd != null | ||
&& Policy.getPolicy().implies(pd, ACCESS_DECLARED_MEMBERS) ? | ||
Boolean.TRUE : Boolean.FALSE; | ||
} | ||
}); | ||
if (allowed.booleanValue()) { | ||
return; | ||
} | ||
checkPermission(ACCESS_DECLARED_MEMBERS); | ||
} | ||
|
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Looking at the deprecation notice, it's clear we should remove this method.
@grob I would keep compiling everything with OpenJDK 8 (from AdoptOpenJDK), or? |
Since further 2.x updates will be worked on in https://github.com/ringo/ringojs/tree/v2.x, I merged this PR. |
Various refactorings in ringo source to make it compatible with java 11.
Note that three tests for dates utility module fail, all others are passing.
Although i preliminary fixed RingoSecurityManager, i wonder if this could be removed as a whole? Is this feature (-P commandline argument) in use by somebody?