(groovy) branch master updated: GROOVY-10581: Prepare for deprecation of security manager (doco and comment updates)

[paulk]

This is an automated email from the ASF dual-hosted git repository.

paulk pushed a commit to branch master
in repository https://gitbox.apache.org/repos/asf/groovy.git


The following commit(s) were added to refs/heads/master by this push:
     new e1e3d9e2be GROOVY-10581: Prepare for deprecation of security manager 
(doco and comment updates)
e1e3d9e2be is described below

commit e1e3d9e2be808c76350ede32224e25aa9ddb1d8c
Author: Paul King <pa...@asert.com.au>
AuthorDate: Tue Mar 31 15:32:42 2026 +1000

    GROOVY-10581: Prepare for deprecation of security manager (doco and comment 
updates)
---
 src/main/java/org/apache/groovy/util/SystemUtil.java                  | 4 ----
 src/main/java/org/codehaus/groovy/vmplugin/VMPlugin.java              | 2 +-
 src/main/java/org/codehaus/groovy/vmplugin/v8/IndyInterface.java      | 2 +-
 src/spec/doc/core-domain-specific-languages.adoc                      | 4 ++--
 subprojects/groovy-binary/src/spec/doc/index.adoc                     | 2 --
 .../src/test/java/org/codehaus/groovy/jsr223/JSR223SecurityTest.java  | 2 +-
 6 files changed, 5 insertions(+), 11 deletions(-)

diff --git a/src/main/java/org/apache/groovy/util/SystemUtil.java 
b/src/main/java/org/apache/groovy/util/SystemUtil.java
index d0145ab754..73490f8190 100644
--- a/src/main/java/org/apache/groovy/util/SystemUtil.java
+++ b/src/main/java/org/apache/groovy/util/SystemUtil.java
@@ -49,7 +49,6 @@ public class SystemUtil {
     /**
      * Sets a system property from a {@code name=value} String.
      * If no '=' is found, the property is assumed to be a Boolean flag with 
value {@code true}.
-     * Does nothing if a Security manager is in place which doesn't allow the 
operation.
      *
      * @param nameValue the non-null name=value String
      * @return the found property name or null if the operation wasn't 
successful
@@ -69,7 +68,6 @@ public class SystemUtil {
      * <ul>
      * <li>the property isn't found</li>
      * <li>the property name is null or empty</li>
-     * <li>if a security manager exists and its checkPropertyAccess method 
doesn't allow access to the specified system property.</li>
      * </ul>
      *
      * @param name         the name of the system property.
@@ -90,7 +88,6 @@ public class SystemUtil {
      * <ul>
      * <li>the property isn't found</li>
      * <li>the property name is null or empty</li>
-     * <li>if a security manager exists and its checkPropertyAccess method 
doesn't allow access to the specified system property.</li>
      * </ul>
      *
      * @param name the name of the system property.
@@ -105,7 +102,6 @@ public class SystemUtil {
      * <ul>
      * <li>the property isn't found</li>
      * <li>the property name is null or empty</li>
-     * <li>if a security manager exists and its checkPropertyAccess method 
doesn't allow access to the specified system property.</li>
      * </ul>
      *
      * @param name the name of the system property.
diff --git a/src/main/java/org/codehaus/groovy/vmplugin/VMPlugin.java 
b/src/main/java/org/codehaus/groovy/vmplugin/VMPlugin.java
index 99978c8bf1..bab14e2b0f 100644
--- a/src/main/java/org/codehaus/groovy/vmplugin/VMPlugin.java
+++ b/src/main/java/org/codehaus/groovy/vmplugin/VMPlugin.java
@@ -134,7 +134,7 @@ public interface VMPlugin {
      * @param ao the accessible object
      * @return {@code true} if the {@code accessible} flag is set to {@code 
true};
      *         {@code false} if access cannot be enabled.
-     * @throws SecurityException if the request is denied by the security 
manager
+     * @throws SecurityException if the request is denied by the security 
manager (legacy comment)
      */
     boolean trySetAccessible(AccessibleObject ao);
 
diff --git a/src/main/java/org/codehaus/groovy/vmplugin/v8/IndyInterface.java 
b/src/main/java/org/codehaus/groovy/vmplugin/v8/IndyInterface.java
index b680af15db..a3674ef730 100644
--- a/src/main/java/org/codehaus/groovy/vmplugin/v8/IndyInterface.java
+++ b/src/main/java/org/codehaus/groovy/vmplugin/v8/IndyInterface.java
@@ -134,7 +134,7 @@ public class IndyInterface {
                 enableLogger = true;
             }
         } catch (SecurityException e) {
-            // Allow security managers to prevent system property access
+            // Allow security managers to prevent system property access 
(legacy comment)
         }
 
         LOG_ENABLED = enableLogger;
diff --git a/src/spec/doc/core-domain-specific-languages.adoc 
b/src/spec/doc/core-domain-specific-languages.adoc
index 988f46932b..0f926013e7 100644
--- a/src/spec/doc/core-domain-specific-languages.adoc
+++ b/src/spec/doc/core-domain-specific-languages.adoc
@@ -729,8 +729,8 @@ For a complete list of options, please refer to 
gapi:org.codehaus.groovy.control
 This customizer will allow the developer of a DSL to restrict the
 *grammar* of the language, for example, to prevent users from using particular 
constructs.
 It is only ``secure'' in that one aspect, i.e. limiting the allowable 
constructs within a DSL.
-It does *not* replace a security manager which might additionally
-be needed as an orthogonal aspect of overall security.
+It does *not* replace other aspects of security which might additionally
+be needed.
 The only reason for it to exist is to limit the expressiveness of the
 language. This customizer only works at the AST (abstract syntax tree)
 level, not at runtime! It can be strange at first glance, but it makes
diff --git a/subprojects/groovy-binary/src/spec/doc/index.adoc 
b/subprojects/groovy-binary/src/spec/doc/index.adoc
index 220f2454f8..b612833960 100644
--- a/subprojects/groovy-binary/src/spec/doc/index.adoc
+++ b/subprojects/groovy-binary/src/spec/doc/index.adoc
@@ -171,8 +171,6 @@ offer some of the same security features as Java programs, 
including:
 
 Special security support is provided through:
 
-* gapi:groovy.lang.GroovyShell[], gapi:groovy.lang.GroovyClassLoader[] and 
other parts of the Groovy runtime fully support the Java security manager which 
allows you to sandbox script execution with a security policy. (Note: this 
functionality might be scaled back in future Groovy versions or when running
-on particular JDK versions in line with https://openjdk.org/jeps/411[JEP 411])
 * gapi:org.codehaus.groovy.control.customizers.SecureASTCustomizer[]
 secures source code by controlling what code constructs are permitted or 
prohibited in a code base
 (or part of a code base)
diff --git 
a/subprojects/groovy-jsr223/src/test/java/org/codehaus/groovy/jsr223/JSR223SecurityTest.java
 
b/subprojects/groovy-jsr223/src/test/java/org/codehaus/groovy/jsr223/JSR223SecurityTest.java
index e70bb538e2..9894b97699 100644
--- 
a/subprojects/groovy-jsr223/src/test/java/org/codehaus/groovy/jsr223/JSR223SecurityTest.java
+++ 
b/subprojects/groovy-jsr223/src/test/java/org/codehaus/groovy/jsr223/JSR223SecurityTest.java
@@ -119,7 +119,7 @@ class GroovySecurityManager {
             }
         }
         catch (Throwable ex) {
-            throw new RuntimeException("Could not initialize the security 
manager", ex);
+            throw new RuntimeException("exception trying to initialize test", 
ex);
         }
     }