your patch for antlr-maven-plugin/2.2-6

Vladimir Petko vladimir.petko at canonical.com
Wed Sep 25 07:04:27 BST 2024 

Hi Matthias,

Yes, the patch does exactly that - ignores the SecurityManager manager
exception.

As far as I know the patch was applied to the Debian package[1]. It
was not forwarded upstream as it is not maintained anymore as far as I
can understand.
You may either use the Debian package in your project, or use your own
copy of the antlr-maven-plugin sources with this patch applied.

Best Regards,
 Vladimir.

[1] https://tracker.debian.org/news/1556607/accepted-antlr-maven-plugin-22-6-source-into-unstable/

On Wed, Sep 25, 2024 at 5:42 PM Matthias Apitz <guru at unixarea.de> wrote:
>
>
> Hello Vladimir, and Cc'ed maintainers,
>
> We have an historical Java written application for a search engine,
> using since ages ANTLR2 and the AST produced by it. We now want
> to move with all the code to Java 21, but the ANTLR2 part does not
> compile anymore.
>
> It says:
>
> mvn clean
> mvn install
> ...
> [ERROR] Failed to execute goal org.codehaus.mojo:antlr-maven-plugin:2.2:generate (default) on project infoguide-query-grammar: Execution default of goal org.codehaus.mojo:antlr-maven-plugin:2.2:generate failed: The Security Manager is deprecated and will be removed in a future release -> [Help 1]
>
> See also my post in
> https://github.com/antlr/antlr4/discussions/4700
>
> While googling around to find a solution, below to move to ANTLR4, I
> found your post and patch in the Debian buck-tracker:
>
> https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1053206
>
> I pulled the sources from Debian repos and looked into it:
>
> http://deb.debian.org/debian/pool/main/a/antlr-maven-plugin/antlr-maven-plugin_2.2.orig.tar.gz
>
> grep -li SecurityManager antlr-maven-plugin-2.2/src/main/java/org/codehaus/mojo/antlr/*.java
> antlr-maven-plugin-2.2/src/main/java/org/codehaus/mojo/antlr/AbstractAntlrMojo.java
> antlr-maven-plugin-2.2/src/main/java/org/codehaus/mojo/antlr/NoExitSecurityManager.java
>
> i.e. the SecurityManager is only used in two sources and there to catch
> the 'exit' of the tool 'antlr'.
>
> Do you have addressed this issue "ANTLR2 for Java 21" in some way?
>
> I'm not a Java crack (my background is C and UNIX), but I imagine that
> the above source could be changed to not use the deprecated
> SecurityManager.
>
> Thanks
>
>         matthias
>
>
> --
> Matthias Apitz, ✉ guru at unixarea.de, http://www.unixarea.de/ +49-176-38902045
> Public GnuPG key: http://www.unixarea.de/key.pub

More information about the pkg-java-maintainers mailing list