Preparation of update releases (original) (raw)

Volker Simonis volker.simonis at gmail.com
Fri Oct 19 16:04:15 UTC 2018

Thanks for the new queries - they indeed report much fewer issues.

I must also correct the numbers I've reported in my first email. I actually worked on the repository (and not in JBS) and I forgot to filter out merge and tag change sets. When I do that I get about the following output:

d046063 at lu0482:/priv/d046063/OpenJDK/jdk-jdk11u$ hg log -r 51349 changeset: 51349:c8895b4a8eee 51199:6331acdbe09a 51348:e0fb123fbe0b summary: Merge simonis at simonis:/OpenJDK/jdk-jdk11u$ hg log --template '{desc|strip|firstline}\n' -r 51200:51348 | egrep "^8.+" | wc -l 103

So there are 103 changes which were brought in by 11.0.1 of which only ~20 are new security fixes.

I think one of the problems is that 11.0.1 brings in a lot of changes which are already in 11, but with a different hash. E.g.

simonis at simonis:/OpenJDK/jdk-jdk11u$ hg log -k 8191907 changeset: 51235:9c1534b2e82c user: mdoerr date: Tue Nov 28 01:08:26 2017 +0300 summary: 8191907: PPC64 and s390 parts of JDK-8174962: Better interface invocations Reviewed-by: goetz

changeset: 48649:d9fcb7ba8133 user: mdoerr date: Tue Nov 28 01:08:26 2017 +0300 summary: 8191907: PPC64 and s390 parts of JDK-8174962: Better interface invocations Reviewed-by: goetz

"48649:d9fcb7ba8133" is the change which was already in jdk 11 and for some reason it was brought in again with 11.0.1 (as "51235:9c1534b2e82c"). That's strange because 8191907 was pushed in Nov. 2017 which should have been long before jdk 11.0.1 was cloned from the jdk11 repo and the jdk11 repo should have already contained 8191907 at that time. So why has this change been push one more time to 11.0.1 ?

8191907 was a security fix (as most other of the 102 changes listed above, so unfortunately I can't look at them in JBS). A quick check (haven't looked at all of the 103 changes yet) revealed, that there are actually a lot of "duplicate" changes in there. So this may actually be the explanation why I don't see only ~20 security + 7 other changes but 103. But then again, why does 11.0.1 re-import ~70 or so changes into 11u if they have been part of 11 anyway?

On Fri, Oct 19, 2018 at 4:44 PM Alan Bateman <Alan.Bateman at oracle.com> wrote:

On 19/10/2018 15:07, Volker Simonis wrote: > Hi, > > after 11.0.1 has been successfully released I'd like to describe some > of my observations on how this release has been prepared and suggest > some improvements to the process: > > - I first, naively expected that 11.0.1 will only contain security > fixes (i.e. the fixes circulated and discussed on the vuln-dev mailing > list) > - in the end I was a little surprised that in addition to the ~20 > security fixes 11.0.1 also contained ~130 other changes > - so in the end 11.0.1 is not strictly speaking a "security release" > but more a kind of combined "security" and "maintenance" release. > - because 11.0.1 was prepared in a hidden clone inside Oracle, it is > hard for others to understand which of the changes in jdk11u will also > be integrated into 11.0.1. (I know I can list all the issues fixed in > 11.0.1 in JBS, but this gives me more than 1000 changes which is not > near the additional ~130 changes which are in 11.0.1 compared to 11). > I don't know what these additional 130 issues are. Can you share your JBS query or hg command that you are using? It would also be useful to see what this give you: project = jdk and fixVersion = 11.0.1 and "Resolved In Build" is not EMPTY and labels != hgupdate-sync -Alan

More information about the jdk-updates-dev mailing list