Jigsaw prototype, take 2
mark.reinhold at oracle.com
mark.reinhold at oracle.com
Thu Sep 5 21:21:53 PDT 2013
2013/9/4 10:50 -0700, david.lloyd at redhat.com:
> On 09/04/2013 05:27 PM, mark.reinhold at oracle.com wrote:
>> Do you have links to any good descriptions of these best practices?
>> That'd be helpful.
>
> Not a lot as links, as mostly they are "community knowledge" among our
> various teams, but here's a couple for each that I can find relatively
> quickly:
>
> For Maven:
>
> * Version ranges considered harmful [1] [2] [3] [4] (and probably more);
> we disallow them within our own products for stability reasons
> * Transitive-by-default causes problems in mid to large projects due to
> extensive conflicts [can't find the discussion...]; fix is to use and
> verify exclusions, specify "provided" scope, and use
> maven-enforcer-plugin [5] to ban transitive dependencies
Thanks. These observations match my own understanding of how Maven and
similar tools (Ivy, Gradle) are used in practice. As far as I can tell
one of the primary functions of these tools is to allow developers to
correct broken version information in the artifacts they're trying to
use, and of course to resolve conflicts. One developer I know put it
this way: Nobody actually uses version constraints, and the actual
version numbers in pom.xml files might as well be hash codes.
> For OSGi:
>
> * Using the full capabilities of range dependencies can cause resolution
> to be NP-complete; best practice is to use ranges in a more restricted
> manner [6]
Yes, though the degree to which this is a problem in practice seems
unclear.
> * Require-Bundle not recommended due to lack of hiding non-public
> packages among other things [no link] (however, to be fair this is only
> due to the way Require-Bundle was designed; it's not an inherent flaw,
> but it is a best practice not to use it, hence it fits the criteria)
Right.
- Mark
More information about the jigsaw-dev
mailing list