Access Keys:
Skip to content (Access Key - 0)
Java Dependency Analysis Tool
Attachments: • Added by Mandy Chung, last edited by Mandy Chung on May 13, 2015  (view change)
Labels
  • None

In JDK 8, a new command-line tool, jdeps, is added that developers can use to understand the static dependencies of their applications and libraries.  It also provides an -jdkinternals option to find dependencies to any JDK internal APIs that are unsupported and private to JDK implementation (see Why Developers Should Not Write Programs That Call 'sun' Packages).

Simple way to run jdeps to find out if your library/application depends on any JDK internal API:

$ jdeps -dotoutput <dot-file-dir> -jdkinternals <one-or-more-jar-files....>

This jdeps command will output the dependencies in DOT file format and one output .dot file per JAR file.

You are recommended to use 8u40 jdeps (early access download from https://jdk8.java.net/download.html) that contains several enhancements and bug fixes.  See the jdeps man page for more information.

jdeps is a static analysis tool on the given class files and dynamic class dependencies (Class.forName or loading of service providers etc) are not reported.

Below lists some of the JDK internal APIs and the recommended way to replace their usage.

ComponentUnsupported API (not for use)Supported APIs (please use instead)Note
core-libs






sun.iojava.nio.charsets @since 1.4 

sun.misc.BASE64Decoder, sun.misc.BASE64Encoder,
com.sun.org.apache.xml.internal.security.utils.Base64

java.util.Base64 @since 8See http://openjdk.java.net/jeps/135
sun.misc.ClassLoaderUtiljava.net.URLClassLoader.close() @since 7

 

sun.misc.Cleanerjava.lang.ref.PhantomReference @since 1.2

JDK-6417205 may help with the resource issues that can arise when mapped byte buffers are not unmapped in a timely manner.

 

See JDK-6685587 and JDK-4724038

sun.misc.Servicejava.util.ServiceLoader @since 1.6 
sun.misc.Timerjava.util.Timer @since 1.3 
sun.misc.Unsafesun.misc.Unsafe consists of a number of use cases.  The following features are identified to provide support in the future releases:

 

In progress for JDK 9:

sun.reflect.Reflection.getCallerClassTBDSee JDK-8043814 (Efficient Stack Walk API)
security-libs






sun.security.action.*

java.security.PrivilegedAction to call System.getProperty or other action @since 1.1

AccessController.doPrivileged(
(PrivilegedAction<String>) () -> System.getProperty(key));
sun.security.krb5.*

Some provided in com.sun.security.jgss

javax.security.auth.kerkeros.EncryptionKey @since 1.9

javax.security.auth.kerkeros.KerberosCredMessage @since 1.9

javax.security.auth.kerberos.KerberosTicket.getSessionKey() @since 1.9

If internal classes are used to get the session key of Krb5Context, we now have ExtendedGSSContext for this purpose.

JDK-8043071 resolved in JDK 9 b25

sun.security.util.SecurityConstants

java.lang.RuntimePermission, java.net.NetPermission, or specific Permission class @since 1.1

 
sun.security.x509.X500Namejavax.security.auth.x500.X500Principal @since 1.4 
com.sun.org.apache.xml.internal.securityjavax.xml.crypto @since 1.6 

com.sun.net.ssl.**

javax.net.ssl @since 1.4 

security provider implementation class such as

  • com.sun.net.ssl.internal.ssl.Provider
  • sun.security.provider.Sun

java.security.Security.getProvider("SUN") @since 1.3

In general, you should avoid depending on a specific provider as it may not be available on other Java implementations. See Oracle security providers documentation for more rationale.
sun.security.provider.PolicyFile() or sun.security.provider.PolicyFile(URL)

java.security.Policy.getInstance("JavaPolicy", new java.security.URIParameter(uri)); @since 1.6

 
client-libsjava.awt.peer and java.awt.dnd.peer

Instead of doing:

if (c.getPeer() != null)  { .. }

could be replaced with:

   if (c.isDisplayable())  { ... } 

To test if a component has a LightweightPeer, use:

public boolean isLightweight() ; @since 1.2

To obtain the color model of the component comes from the peer, instead of doing:

      getPanel().getPeer().getColorModel()

could be replaced with:

    public ColorModel getColorModel();

 

All methods that refer to java.awt.peer.* and java.awt.dnd.peer.* types will be removed in JDK 9.  See  JDK-8037739 and awt-dev discussion

com.sun.image.codec.jpeg.**

sun.awt.image.codec

javax.imageio @since 1.4See JDK-6527962
   
jdbccom.sun.rowset.**javax.sql.rowset.RowSetProvider @since 7 
jaxp

org.w3c.dom.{html, css, stylesheets}

org.w3c.dom.{html, css, stylesheets} APIs are JDK supported APIs @since 9.

 

JDK-8042244 resolved in JDK 9 b62

 org.w3c.dom.xpathorg.w3c.dom.xpath API is now JDK supported API @since 9

JDK-8042244 resolved in JDK 9 b62

JDK-8054196 for XPath support any API resolved in JDK 9 b49

 com.sun.org.apache.xml.internal.resolver.** See JDK-8023732 (XML Catalog API)
 org.relaxng.datatypeorg.relaxng.** will be repackaged in JDK 9.  Users should include the org.relaxng.** types in the classpath.See JDK-8061466
compilercom.sun.tools.javac.**

javax.tools, javax.lang.model @since 1.6 com.sun.source.* @since 1.6

com.sun.tools.javac.Main is a supported API.
nashornjdk.nashorn.internal.ir.**JEP 236 Parser API for NashornJDK-8048176 (Nashorn Parser API) resolved in JDK 9 b55