My name is Rory O'Donnell, I am the OpenJDK Quality Group Lead.
I'm contacting you because your open source project seems to be a
very popular dependency for other open source projects.
As part of the preparations for JDK 9, Oracle’s engineers have been
analyzing open source projects like yours to understand usage. One
area of concern involves identifying compatibility problems, such as
reliance on JDK-internal APIs.
Our engineers have already prepared guidance on migrating some of
the more common usage patterns of JDK-internal APIs to supported
public interfaces. The list is on the OpenJDK wiki .
As part of the ongoing development of JDK 9, I would like to inquire
about your usage of JDK-internal APIs and to encourage migration
towards supported Java APIs if necessary.
The first step is to identify if your application(s) is leveraging
Step 1: Download JDeps.
Just download a preview release of JDK8(JDeps Download).
You do not need to actually test or run your application on JDK8.
looks through JAR files and identifies which JAR files use
internal APIs and then lists those APIs.
Step 2: To run JDeps against an application. The command
jdk8/bin/jdeps -P -jdkinternals *.jar >
The output inside your-application.jdeps.txt will look like:
-> com.sun.corba.se JDK internal API (rt.jar)
3rd party library using Internal APIs:
If your analysis uncovers a third-party component that you rely on,
you can contact the provider and let them know of the upcoming
changes. You can then either work with the provider to get an
updated library that won't rely on Internal APIs, or you can find an
alternative provider for the capabilities that the offending library
Dynamic use of Internal APIs:
JDeps can not detect dynamic use of internal APIs, for example
through reflection, service loaders and similar mechanisms.
Quality Engineering Manager
Oracle EMEA , Dublin, Ireland