In JDK 8, a new command-line tool, jdeps, is added that developers can use to understand the static dependencies of their applications and libraries. It also provides an -jdkinternals option to find dependencies to any JDK internal APIs that are unsupported and private to JDK implementation (see Why Developers Should Not Write Programs That Call 'sun' Packages).
Simple way to run jdeps to find out if your library/application depends on any JDK internal API:
$ jdeps -jdkinternals <one-or-more-jar-files....>
You can output the dependencies in DOT file format:
$ jdeps -dotoutput <output directory> -jdkinternals <one-or-more-jar-files....>
See the jdeps man page for more information. jdeps is a static analysis tool on the given class files and dynamic class dependencies (Class.forName or loading of service providers etc) are not reported.
Below lists some of the JDK internal APIs and the recommended way to replace their usage.
| Unsupported API (not for use) | Supported APIs (please use instead) | Note |
|---|---|---|
| sun.io | java.nio.charsets | |
sun.misc.BASE64Decoder, sun.misc.BASE64Encoder, | java.util.Base64 | See http://openjdk.java.net/jeps/135 |
| sun.misc.ClassLoaderUtil | java.net.URLClassLoader.close() | |
| sun.misc.Service | java.util.ServiceLoader | |
| sun.misc.Unsafe | TBD | A JEP will be submitted to define a supported API |
| sun.reflect.Reflection.getCallerClass | TBD | A JEP will be submitted to define a supported API |
| sun.security.krb5.* | com.sun.security.jgss | If internal classes is used to get the session key of Krb5Context, we now have ExtendedGSSContext for this purpose. |
| sun.security.x509.X500Name | javax.security.auth.x500.X500Principal | |
| com.sun.image.codec.jpeg.** | javax.imageio | See JDK-6527962 |
| com.sun.org.apache.xml.internal.security | javax.xml.crypto | |
| com.sun.net.ssl.** | javax.net.ssl | |
| com.sun.rowset.** | javax.sql.rowset.RowSetProvider | |
| com.sun.tools.javac.** | com.sun.tools.javac.Main is a supported API. |
Overview
Content Tools
ThemeBuilder