Ted Leung on the air
Ted Leung on the air: Open Source, Java, Python, and ...
Thu, 16 Jan 2003
I couldn't resist...
I hacked a proof-of-concept to compute jar dependencies based on attributes in jar file manifests. I'm not tackling the hard problems like versioning, or setting up a distributed, mirrored, repository. I figure this is a good starting point that could get refactored into a real solution. Or not.
It works like this. When jar files are created, place three new attributes in the manifest:
jar-id: a string representing a unique id for this jar
jar-version: a string representing the version identifier for this jar
jar-dependencies: a comma-separated list of jar-id#jar-version tuples which specifies the jars that this jar directly depends on
If all jars embedded this information, then we just compute the set of dependencies needed by the application (root) jar, get those that we don't have, compute their dependencies, and repeat until we have all the jars.
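The resolution loop described above, written out as an added example; it is not the author's proof-of-concept. The class `JarDeps`, the in-memory `REPO` map standing in for a jar repository, the `put` helper and the sample jar ids are all assumptions, as are the two checks the post does not describe: rejecting malformed tuples and rejecting a manifest whose declared id and version differ from the ones requested.

```java
import java.io.*;
import java.nio.charset.StandardCharsets;
import java.util.*;
import java.util.jar.*;

public class JarDeps {
    // Constructed sample repository (assumption): "jar-id#jar-version" -> manifest text.
    static final Map<String, String> REPO = new HashMap<>();
    static void put(String id, String ver, String deps) {
        REPO.put(id + "#" + ver, "Manifest-Version: 1.0\njar-id: " + id + "\njar-version: " + ver
                + (deps.isEmpty() ? "" : "\njar-dependencies: " + deps) + "\n");
    }
    // Walk jar-dependencies from the root until no new jars turn up.
    static Set<String> resolve(String root, Set<String> missing) throws IOException {
        Set<String> seen = new LinkedHashSet<>();
        Deque<String> todo = new ArrayDeque<>(List.of(root));
        while (!todo.isEmpty()) {
            String key = todo.poll();
            if (!seen.add(key)) continue;               // visited already; also ends cycles
            String text = REPO.get(key);
            if (text == null) { missing.add(key); continue; }
            Attributes a = new Manifest(new ByteArrayInputStream(
                    text.getBytes(StandardCharsets.UTF_8))).getMainAttributes();
            // The jar must declare the id and version it was requested under.
            if (!key.equals(a.getValue("jar-id") + "#" + a.getValue("jar-version")))
                throw new IOException("manifest does not match " + key);
            String deps = a.getValue("jar-dependencies");
            if (deps == null) continue;
            for (String d : deps.split(",")) {
                d = d.trim();
                int h = d.indexOf('#');
                if (h <= 0 || h == d.length() - 1)       // need both id and version
                    throw new IOException("malformed dependency '" + d + "' in " + key);
                todo.add(d);
            }
        }
        seen.removeAll(missing);                        // report unresolved jars separately
        return seen;
    }
    public static void main(String[] args) throws IOException {
        put("app", "1.0", "parser#2.3, logging#1.2");
        put("parser", "2.3", "logging#1.2");
        put("logging", "1.2", "app#1.0");               // cycle back to the root
        put("tool", "0.9", "gone#0.1");                 // dependency absent from REPO
        Set<String> missing = new TreeSet<>();
        System.out.println(resolve("app#1.0", missing) + " missing=" + missing);
        System.out.println(resolve("tool#0.9", missing) + " missing=" + missing);
    }
}
```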
[15:26] | [computers/programming/java]
What to do about the classpath problem?
The classpath problem is getting written about a lot today:
James Strachan points out Classworlds, the underpinning for Uberjar. He also relates uberjar to static linking. I would like to see a "dynamic linking" solution, where we don't have to create uberjars, and we don't need a centralized description of the jars that we need.
Ted Neward wants a new JSR that will deal with the issues of versioning and Jar-to-Jar dependencies.
Markus Kohlher thinks (and I agree with him) that we should specify the dependencies (and versions) within the jar files. He points out that the jar file spec already defines a Class-Path attribute.
A number of solutions to this problem have been proposed, but none has really come to fruition. At the ASF, we've had jjar, cjan, and now Maven. There's also a cjan project at Sourceforge. There might be even more than this.
This is a problem that needs to get solved -- a number of people are taking cracks at it. I wonder -- is there a way to get this happening faster? I know Ted Neward is interested in a JSR and Markus is working on code. I've looked at the jjar code a while ago and talked with some Maven folk about this problem at ApacheCon.
[10:25] | [computers/programming/java]
Open Source and Security
There's a nice CNET editorial by Whitfield Diffie, on the role of open source software and computer security. Key statements:
As for the notion that open source's usefulness to opponents outweighs the advantages to users, that argument flies in the face of one of the most important principles in security: A secret that cannot be readily changed should be regarded as a vulnerability.
It isn't that secrets are never needed in security. It's that they are never desirable.
It's simply unrealistic to depend on secrecy for security in computer software.
The secret to strong security: less reliance on secrets.
Go read the whole thing.
[09:50] | [computers/open_source]
Already causing trouble
Sam says that my RSS feed is breaking Radio's aggregator because of my use of category domains. I did run the RSS files through the RSS validator before I turned on the blog. Glad to see that Dave Winer is going to fix Radio.
Sam -- feel free to give me an e-mail smack whenever you like if anything else like this happens.
If anyone else is having problems with the domains, please e-mail me and I'll turn them off until your aggregator can deal.
[09:42] | [computers/internet/weblogs]