The terms 'library' and 'module path' could use a definition in that
section.

It should maybe be somewhat more clear that the installation of modules
into a module repository (library?) requires special tooling, and that
modules are not editable in-place; these are both things which will
break most developers' assumptions going in.

The role of Jigsaw's versioning scheme at the different phases could be
clarified somewhat. It could be made more clear that Jigsaw imposes a
single version scheme and thus a single module repository format (that's
how it appears at least).

It is worth clarifying that in the Jigsaw model, nothing is exported by
default. There seems to be no provision for filtering the set of
packages, classes, and/or resources which are imported from a dependency.

The disposition of META-INF and resource (non-package) directories is
not clear, especially in terms of export and import behavior.

Negative dependencies would add a great deal of complexity; I would
advise against it (think of Windows NT ACLs and their mixed allow/deny
rule sets; experts knew the best practices but most people just screwed
them up).

One key guiding principle seems to be missing: keep it simple...

Mark,

I have a bunch of those except flames. So here they are, for what they're worth.
Granted, a significant share of applications simply rely on avoiding ClassNotFoundException. Nevertheless there is also a significant share of applications that require some form of side-by-side versioning, dynamic (un)loading and the ability to access functional units through a service locator of some form. This is basically any kind of application that needs to manage some form of lifecycle. This is not just containers: applications deployed to containers often have to deal with dynamic, e.g., a dependent module appearing or disappearing.

While I agree that optimizing for static modules matches a reality, you should not be scared of providing a sensible solution to the dynamic cases. Otherwise people will necessarily hack on top of your APIs and come up with incompatible and discussable solutions.

People have adopted systems like OSGi, or came up with solutions on their own involving classloader wizardry. They may not be perfect but at the very least they do work now.

Narrowly-scoped solutions may be advisable, but at the very least they must not reject prior art that was validated by real needs, especially if you put the long adoption cycles of Java releases into the balance.
No flame here, but again, this is where Jigsaw will either win or become yet another java.util.logging.

Implementing a container within the JDK would be a mistake, but this does not prevent from adding the support for adding/removing modules at runtime. Do you have any public document discussing the possible approaches for your APIs contracts?

I guess that you will be able to dynamically load a module like you can load a class from a classloader, but without the ability to unload then people will fall in the traps where others (OSGi?) fell: reliance of the GC to clean up, hoping that no stale references exists, etc.
Correct me if I'm wrong, but this is the same as OSGi export clauses, right?

I always felt like it was weird to have public classes that in reality are not being made visible at the package level. In OSGi this leads to JARs / bundles / modules that have public types not being really public depending on the runtime context (classpath, OSGi, etc).

Why not rely on the compilation unit visibility? Like introducing a "module protected visibility" without managing it at the module metadata level? I tend to think that "module protected class Foo { }" is cleaner than "public class Foo { }" only to be made "hidden" in module-info.java by not having a corresponding exports clause.
It may be just me, but I don't find it explicit to have "requires public foo" meaning that the module re-exports from foo. 'reexports foo" as a separate clause may be more readable, although slightly less concise.

But isn't the seminal "The Feel of Java" article all about explicit/readable over implicit/concise? :-)
Can't this lead to unexpected types visibility at runtime depending on which module was actually resolved as a dependency? Wouldn't it be useful to be defensive regarding what imports bring you in crappy modules by having the possibility of filtering?

Or maybe the "permits" clause could be used just for that?
I think so.
You may want to add a sentence and/or example to say how "java -m Foo" can pick one view or the other.
What you have here sounds good in principle, especially using ServiceLoader, but we again get to the point of dynamics.

On one hand you have a nominal static module system and a mechanism to bind to services provided by modules in a decoupled fashion. Great. On the other hand you seem not to be willing to have full dynamic modules + services + lifecycle notifications although you seem to intend that there will be an API to still load them dynamically? which means that Jigsaw may likely end up being half-baked here? meaning that people will hack on top of that or resort to solutions like OSGi which will most likely not be 100% 2-ways compatible and have their own issues.

Today is the chance to provide a clean language + JVM solution to address dynamics instead of letting people come up with hacks. Balkanization is what the Java community would rather avoid I suppose.

I'm sure an open discussion such as the ones you are initiating on this list can only lead to pragmatic consensus? and eventually a much needed JSR once it stabilizes.




Cheers

--
Julien Ponge
http://julien.ponge.info/

Here's a reply I didn't manage to send to the list...

Regards,
Glyn

Given the amount of discussion about resolution throughout the entire
document (which I'm glad to see), it sure seems like it should be
mentioned as one of the design principles.

Perhaps something like:
Requirements for resolution change depending on context - For compile
time, resolution should favor the earliest possible version of a module.
At installation time, favoring the latest possible version is likely
appropriate, and further, persisting this configuration for later reuse
and faster load times may be an essential characteristic. For testing
scenarios the need to select a variety of combinations for compatibility
checks will require recomputing resolution with each execution, possibly
with additional constraints added.

-Eric.

Those terms are given brief inline definitions when introduced. They'll
be explained more fully later on, in sections still being written.
These points will be made in a forthcoming section.
I'll make a note to clarify these points.

Re. single library format: Yes, there's only one.

Re. filtering: You're right, there is at present no way to do that.
We haven't yet seen any use cases for it.

Re. META-INF and resources: Our current thinking is that these are not
subject to import or export; they're just part of a module's private
data. If a module needs to export resources then it can do so via the
ResourceBundle facility, which will be enhanced to export resources in
terms of services (though the details of that remain to be worked out).
I agree they'd add complexity, and I'd prefer to avoid them unless there
are strong use cases in their favor.
Well, we've tried to keep it as simple as possible given our goals and
constraints. Suggestions for ways to make it simpler are welcome.

Bear in mind that most developers will never need to think about permits
clauses, local dependences, or views. I'll see if I can reorganize the
next draft to separate the fundamental features from those that are for
more advanced scenarios.

- Mark

Those requirements have not been dropped. The features intended to
address them, principally the module-system API, will be covered in
forthcoming sections.

- Mark

Hello Mark, hello all others reading here.

Sorry for my bad english, I am not a native speaker. I am just a brazilian java developer (living in old germany for 20 years now) that did in fact have to implement some modular applications/ architectures - sometimes at compiletime, sometimes at runtime. I did some OSGi, but mostly I got away with some maven or ivy magic on compile/ build time and spring components/ configurations at runtime. I am trying to follow news on jigsaw for a while now, but I was never involved in building something any close to a jvm. I even managed to build and showcase jigsaw lately here in a conference, but again, I am not a java rock star.

Unfortunately, I can't reply directly to the mail because I joined the mailing list too late. It was my understanding, that the jigsaw mailing list was for implementation matters only, not for discussing proposals/ requirements/ documents. So my reply comes out of thread.

Reading the "big picture" is see more questions than answers. I simply don't understand what this draft is for. It is titled big picture, but it is draft and part 1. There is no way to address such a topic in so few lines, so my apology if I am not getting it or reading wrongly between the lines. Besides, you have a draft 12 (I did miss the 11 other ones) requirement document online that would better fit the title "big picture".

The whole "we don't have a JSR" and we have some bits of information here and there is - IMHO - doing more damage than helping the cause. I share the 2008 visions (wouldn't it be cool(*), there is not a moment to loose, Mark, do you remember?). But meanwhile the world around java shifted surprisingly, and my focus is now on "there is not a moment to loose" and lesser on "wouldn't it be cool".

Here some thoughts.

Big picture, the design principles:

(1) Modularity is a language construct
(2) Module boundaries should be strongly enforced
(3) Static, single-version module resolution is usually sufficient

Sounds good, but (1) is the whole point of adding modularization to the jdk, or we could just stick to OSGi. A modularization that is not enforced is not (read enforcement as explained here(**) ), so we all agree on (2). That we are going to need split packages loaded in a common class loader because of the mess in the jdk (see java.util package) goes against (2). From the requirements document, draft 12:

In support of platform modularization, it must be possible to declare that the types defined in a specific set of modules must be loaded by the same class loader.

But (3) is something that I really do not get. Again, from the requirements document:

Multi-version support should only be enabled when type collisions can be detected and reported as errors. This most likely means that it cannot be enabled for run-time linking since detecting collisions is nontrivial.

This most likely means?!? Seriously ? just one version at runtime? The whole point of versioning and modularization is that we HAVE version collisions, and we are witnessing repackaging of all sorts circumventing our version conflicts. This is why we started using something like OSGi, despite of all the doing, tooling and architectural pain.

If we can have only one version resolved, we aren?t getting any better than with ivy or maven dependency management and dependency mediation. By the way, the new Big picture is messing around with the terminology we are used to: from maven, spring ? and somehow from common sense ? we know ?scopes? as where to use the artifacts/ components (runtime, compile-time, test-time, etc.). Then we have different life cycles: maven defines a concise project lifecicle. Every single component model defines its own component life cycle, and regarding modules (at the same level of granularity) we have a bundle life cycle defined by OSGi. In this context, take a look at ?Phases? in the big picture?




(*) http://mreinhold.org/blog/cool
(**) http://www.theserverside.com/feature/OSGi-Because-Sharing-Shouldnt-Be-Painful

I don't think this is worth elevating to the level of a design principle.
Phase-dependent resolution behavior is nothing new (e.g., Maven does it),
so it's not a distinguishing feature of the Jigsaw module system.

- Mark

Thanks for your comments -- replies below.
There are definitely important classes of applications that require
fully-dynamic multi-version module resolution and service lookup with
a rich lifecycle API. That's a pretty complicated programming model,
however, and it's not one that most Java developers need, nor is it
required in order to modularize the platform itself. In SE 8 we're
therefore proposing just to solve the simpler, more-common problem,
and to make sure that developers who actually need to use frameworks
like OSGi can do so in a way that works well with the base platform.
I completely agree that adding a container to the JDK would be a mistake,
and we aren't proposing to do that. You suggest that we could still
support the general dynamic loading and unloading of modules at runtime,
but that would add significant complexity to both the programming model
(i.e., the specification) and the implementation. The Jigsaw design is,
so far, very much simpler than OSGi, and that's largely because we chose
early on not to try to solve all the big problems that OSGi addresses.

As to API documentation, we have some (admittedly sketchy) Javadoc right
now; a forthcoming section of the "big picture" document will have more
details, and we'll be fleshing out the Javadoc as we go.
No, it's not. Export declarations in Jigsaw are meaningful in all
phases, whereas in OSGi they're pretty much just a run-time concept.
They're also much stronger than in OSGi, since access to non-exported
types is specifically disallowed at run time by the JVM.
We've considered that. If we were starting from scratch today, such a
general module-accessibility modifier could well be the way to go. With
countless lines of existing Java code out in the wild, however, our take
is that if developers have to modify all their source code and rebuild
their libraries and systems in order to take advantage of modularity (or,
equivalently but less robustly, run tools over their existing binaries),
then that would be a significant barrier to adoption.
I agree that that's arguably more Java-like. It's really a matter of
syntax, so we're going to go with what we have for now; this can easily
be revisited later on.
No, `permits` wouldn't work for that.

Whether a module should be able to filter the types that it re-exports is
an interesting question; I'll make a note of it.
Good point; I'll do that.
Our aim is that Jigsaw be "baked enough" that container-type applications
can be built on top of it, and can load and unload independent modular
components or applications. Developers who really need rich dynamism
should go use OSGi or a similar framework.

- Mark

On further thought, and prompted by a hallway conversation with Alex,
perhaps the essence of what you're getting at is that modules are
relevant to all phases of development rather than just, say, to run
time. That's definitely a distinguishing aspect of the Jigsaw module
system; I'll work it into the design-principles section in the next
draft.

Thanks,
- Mark

Hi,

After having participating in Maven for years I think it was a wrong
choice to not have a stronger definition/enforcement of versions.
It is in the central place of the resolution system and it becomes a
nightmare when you have to compare Alpha, beta, RC, CR, ... and many others
versions that we may not imagine.
Nowadays we have also a lot of issues because of the conflict between
OSGi versions and Maven SNAPSHOTs.
I agree to relax some rules like having the ability to not use versions
as far as you don't share modules with others, but after that when modules
have to be shared I think that you need to have something really strict to
propose an efficient resolution mechanism.

About modules definitions it isn't clear for me if sources are/can be
considered as resources and thus shared within modules. We have the case
for example to share sources for GWT but in many others cases (from IDEs,
....).
Related to that I see nothing maven classifiers. The major part of time
this is useful especially at compile/development time to reuse some
variations of a same maven artifact (sources, javadocs, ...) but when
jigsaw will be out I would like to have the ability in Maven (and others
build systems) to reuse jigsaw repositories thus they'll need to be
extensible (the repository layout and the identification/resolution system)

Thanks.

Arnaud

The module definition doesn't look like Java at all to me, take this example
module bar @ 1.0 {
requires foo;
exports bar;
view bar.internal {
permits baz;
exports bar.private;
}
}
so I really don't think it should be part of the java language itself.
I think it will require a lot of extensions to the language and
introduce 'pseudo' keywords - keywords that are only keywords inside
the module section, but not elsewhere.
Besides, I still like to see how this can be made extensible as required in [1].

Additionally, you say that the module declaration is by convention in
a module-info.java file. I think we need something stronger than a
convention here as I don't think you'd want 2 files both declaring the
module definitions inside a single module.
I think we should mandate a single module definition file in a
well-known location such as /META-INF/module-info.jmod where the
format of that module-info.jmod is either a text-based DSL (maybe
similar to the module declaration above, but then extensible) or using
XML.

I have made this point before, but I don't feel it has been taken into
consideration appropriately in the current design.

Best regards,

David

[1] http://openjdk.java.net/projects/jigsaw/doc/draft-java-module-system-requirements-12#extensible-module-declarations

Hi,

thank you for the good big picture. I know have a somewhat better
feeling what jigsaw will/can be.
the top syntactic
Further
|>module bar {
|
view,
public
What happens in the following example?

|module bar {
requires foo;
|| permits baz;
|| exports barpackage;
|||
| view bar.publicview {
exports barpackage.public;
}
}

Module bar only allows baz to access the module. Through the view bar.publicview every module can access barpackage and barpackage.public.
|
Isn't here a discrepancy not to inherit the permits clauses of the containing module?

|What happens to the local-dependencies? baz can access|package-private types in barpackage. Can baz also localy depend on barpackage.public?




My next question goes to reexported and version numbers:

|>module foo {
What would happen if definition of buz and bar are the following:

|module bar {
requires public foo @ 1.0;
}
|

|module buz {
requires baz; // Can also use foo's exported types
requires foo @>= 2.0;
}

The use case is: buz want to use functionality of baz.
baz also provides some functionality for which foo must be reexported. But buz is not using this functionality.
But buz uses some functionlity in foo that is only supported since version 2.0 of foo.
Can buz override the reexported dependency of foo at 1.0 to foo@>=2.0?

We can get in the the same situation if an old version of bar doen't need foo at all. buz already uses foo @>= 2.0
Now buz bar starts using foo @ 1.0 and unintentionally reexportes foo.
||Can buz override the reexported dependency of foo at 1.0 to foo@>=2.0?
|

|-- Sebastian
|

You're right, it hasn't. That's intentional, because we've chosen for
now to explore the option of treating module declarations as part of
the language. The ultimate design and specification could well turn
out differently, but going into the JSR process I want to make sure
that we have a good understanding of the linguistic approach.

- Mark

As you say later on, this is an open question. I'm highly skeptical
that a "clean and simple" design supporting fully-dynamic resolution
is possible, but I'd be happy to be proved wrong.
Me neither -- in fact it's impressive what OSGi can do given that
it's not deeply integrated with the underlying platform.
Perhaps, but only for the simplest of scenarios.
No, I mean that if you somehow do get a reference to such an object
you won't be able to do anything with it. The JVM's access-checking
machinery won't let you, in the same way and for the same reason that
it won't let you invoke a private method.

- Mark