Skip to content

Document current issues using JDKs > 17 and nailgun #22533

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Merged
benjyw merged 2 commits into from
Jul 26, 2025
Merged

Document current issues using JDKs > 17 and nailgun #22533

benjyw merged 2 commits into from
Jul 26, 2025
+32 −1

Conversation

@jberkel
Copy link
Contributor

@jberkel jberkel commented Jul 23, 2025
edited
Loading

Ran into #20603. This is quite a big gotcha and the workaround should be documented while a proper fix is prepared (disabling nailgun by default).

https://pantsbuild.slack.com/archives/C046T6T9U/p1753112068755689

@cburroughs cburroughs requested a review from benjyw July 25, 2025 18:03
benjyw
benjyw approved these changes Jul 26, 2025
View reviewed changes
Copy link
Contributor

@benjyw benjyw left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Thanks!

It's unfortunate, but our choices are 1) take over maintenance of Nailgun or 2) create an alternative.

@benjyw benjyw merged commit 2c29f79 into pantsbuild:main Jul 26, 2025
24 checks passed
@jberkel
Copy link
Contributor Author

jberkel commented Jul 26, 2025

Maybe there are some quick fixes, see facebookarchive/nailgun#204. Will take a look.

@jberkel jberkel deleted the nailgun branch July 26, 2025 16:46
@benjyw
Copy link
Contributor

benjyw commented Jul 26, 2025

Ah interesting. I'd be happy with a bandaid like this that kicks the can down the road a bit.

We'd have to fork nailgun, but that's not too hard.

@jberkel
Copy link
Contributor Author

jberkel commented Jul 27, 2025
edited
Loading

Unfortunately, it's not a quick fix :(

The security manager was used to intercept and forward System.exit which gets called for example by the Scala compiler at the end of the compilation. There's no replacement planned for this: https://bugs.openjdk.org/browse/JDK-8199704

A solution could be to use some custom code for the compilation, but in that case maybe a real compile server should be used instead. They also suggest using bytecode manipulation as a possible solution, but that's quite invasive.

https://inside.java/2021/04/23/security-and-sandboxing-post-securitymanager/

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@benjyw benjyw benjyw approved these changes

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

2 participants

@jberkel @benjyw