Summary

java.util.jar.JarEntry.getCodeSigners() and JarEntry.getCertificates() have been updated to specify that they return a new array each time these methods are invoked when a non-null value is returned.

Problem

The implementation of JarEntry.getCodeSigners() and getCertificates() both return a copy of the original array. However, the current API documentation does not specify this behavior. This prevents subclasses and applications from relying on the behavior, and has resulted in redundant cloning in some subclasses.

Solution

Clarify the API specification of both methods to state explicitly that they return a new array each time they are invoked when a non-null value is returned. This ensures callers understand that modifying the returned array does not modify the internal state of the JarEntry.

Specification

The specification of java.util.jar.JarEntry.getCertificates() and getCodeSigners() is updated to document the current JDK implementation behavior using @implSpec. The documentation now states that, if the return value is non-null, the JDK implementation returns a new array on each invocation. This clarifies the existing behavior without strengthening the public API contract for this legacy class.

See Attached.