Review request 8153895 (proxy) redundant read edges to superinterfaces of proxy interfaces
Peter Levart
peter.levart at gmail.com
Wed Apr 13 20:48:11 UTC 2016
On 04/13/2016 06:02 PM, Mandy Chung wrote:
>> On Apr 12, 2016, at 11:22 PM, Peter Levart <peter.levart at gmail.com> wrote:
>>
>> No, not about security. Mainly about binary compatibility. For example:
>>
>> - library A v1 defines an interface I with some methods
>> - library B creates a dynamic proxy implementing I. It depends on library A and libraries defining types from method signatures of the interface
>> - program P uses B and depends on the transitive closure
>>
>> now comes new version of library A v2 which adds a default method to interface I with signature that requires additional dependency which is tagged as "optional". Program P does not need to call this new method on the proxy created by B. Should we force P to bundle the new dependency although it is not used?
> This is the compatibility concern I mentioned if we change the spec to do the visibility checks on types referenced by the method signatures. My take on this is that the benefit does not seem to justify the potential incompatibility. We could file an issue if you think we should look at further.
>
> I’d like to push webrev.01.
>
> Mandy
>
Yes, of course. This is a different issue.
I think it would be better to fail lazily when some type from a method
signature is not visible.
Regards, Peter
More information about the core-libs-dev
mailing list