JDK 14 Early-Access Release Notes

This is a draft of the release notes that will accompany JDK 14. The contents are subject to change until release.

Build 14

MethodType::fromMethodDescriptorString requires "getClassLoader" permission (JDK-8229785)

core-libs/java.lang.invoke

MethodType::fromMethodDescriptorString is changed in this release that when security manager is present and loader parameter is null, it will perform RuntimePermission("getClassLoader") security permission check. This is to ensure that access to the system class loader is permitted.

Existing code that calls MethodType.fromMethodDescriptorString(desc, null) may get SecurityException if access the system class loader is denied. The security policy will need to be configured to grant the permission. Applications running without security manager or with non-null loader is not impacted by this change.

Classes are now loaded and linked by Class.forName() (JDK-8212117)

core-libs/java.lang:class_loading

The specification for java.lang.Class.forName(String name, boolean initialize, ClassLoader loader) has long stated, "this method attempts to locate, load, and link the class or interface."

However, the class has not been linked when passing an initialize value of false. The following methods now ensure that linking is performed, conforming to the specification:

  • java.lang.Class.forName(String, boolean, ClassLoader)
  • java.lang.Class.forName(Module, String)
  • java.lang.invoke.MethodHandles.Lookup.findClass(String)

These methods are declared to throw LinkageError. With this change, such errors may be thrown earlier (or perhaps they weren't thrown at all, e.g. for classes that are loaded but never used). For now, there is a VM flag, -XX:+ClassForNameDeferLinking, which can be used to revert to the previous behavior, in order to allow code to be fixed to account for undiscovered LinkageErrors.

Default ErrorListener No Longer Reports Warnings and Errors to the Console (JDK-8228854)

xml/javax.xml.transform

Prior to this release, the javax.xml.transform.ErrorListener specification defined that the default ErrorListener implementation reported warnings and errors to System.err, and System.out in some cases. This requirement has been removed as of this release and the default ErrorListener now takes no action for warnings and recoverable errors; and in the case of a severe error, throws a TransformerException.

It is recommended that applications always register their own ErrorListener to ensure proper handling of warnings and errors.

Build 10

Accounting currency format support (JDK-8215181)

core-libs

Currency format instances with accounting style, in which the amount is formatted in parentheses in some locales, can be obtained by calling NumberFormat.getCurrencyInstance(Locale) with "u-cf-account" Unicode locale extension. Refer to CLDR's accounting currency format style for additional information.

Turn off AOT by default and change related flags to experimental (JDK-8227439)

hotspot/compiler

Following AOT support related flags have been made experimental: UseAOT, PrintAOT and AOTLibrary. Also default value of UseAOT has been changed from enabled to disabled.

Build 8

SunJCE provider now throws NoSuchAlgorithmException for AES/GCM/PKCS5Padding (JDK-8180392)

security-libs/javax.crypto

Prior to this release, the SunJCE provider incorrectly returned a Cipher instance for the "AES/GCM/NoPadding" transformation when a caller requested "AES/GCM/PKCS5Padding". The SunJCE provider now throws NoSuchAlgorithmException when "AES/GCM/PKCS5Padding" is requested. If you are impacted by this issue, the workaround is to use "AES/GCM/NoPadding" instead.

Removed Deprecated java.security.acl APIs (JDK-8191138)

security-libs/java.security

The deprecated java.security.acl APIs have been removed. This includes the the following classes in that package: Acl, AclEntry, AclNotFoundException, Group, LastOwnerException, NotOwnerException, Owner, and Permission.

Removal of netscape.javascript.JSObject::getWindow Method (JDK-8222563)

deploy

The obsolete netscape.javascript.JSObject::getWindow method has been removed. This method was deprecated in JDK 9. As of JDK 11, there is no longer a useful way to use this method; it always returns null.

Not Yet Integrated

New Method to SAX ContentHandler for Handling XML Declaration (JDK-8230814)

xml/jaxp

A new method declaration is added to SAX ContentHandler in this release to receive notification of the XML declaration. Implementing this method, applications will be able to receive the values of version, encoding, and standalone attributes exactly as declared in the input document.