Category: In English
[LinkSet] Compatibility
Theoretical part
- https://en.wikipedia.org/wiki/Backward_compatibility
- https://en.wikipedia.org/wiki/Source_code_compatibility
- https://en.wikipedia.org/wiki/Binary_code_compatibility
- http://blogs.msdn.com/b/jmstall/archive/2008/03/10/binary-vs-source-compatibility.aspx
Articles from Oracle
- Incompatibilities in J2SE 5.0 (since 1.4.2)
- Java SE 7 and JDK 7 Compatibility
- Java SE 6 Compatibility
- Java 2 Platform, Standard Edition Version 1.4.0 Compatibility with Previous Releases
- Kinds of Compatibility: Source, Binary, and Behavioral
- javac: Cross-Compilation Options
http://JEP 223: New Version-String Scheme
Six kinds of compatibility
Each Joda-Time relase has descriptions of incompatible changes categorized by six kinds:
Compatibility between 2.8 and 2.9
———————————
Build system — Yes
Binary compatible — Yes
Source compatible — Yes
Serialization compatible — Yes
Data compatible — Yes
— DateTimeZone data updated to version 2015g
Semantic compatible — Yes
When binary compatibilities are broken then Majour Version changed. For example v2.0 changelist
Explanation from Stephen Colebourne, author of Joda-Time:
Build system
Not part of compatibility, just a fact about the build system in use
Example: in v2.2
- Ant build removed. Build only on Maven now.
Also, I think, it may be changing in artifact coordinates: groupId, artifactId or even changed repository. Maybe some changes in manifest, for example required dependencies. Or added OSGI manifest info. Maybe some classes was repackaged. Or old artifact was built with ANT and doesn’t contains a Maven’s pom.xml manifest like horrible Xerex library and then was mavenized.
It also may be recompilation with optimizations or without debug information.
But I think that changing in packaging may be a separate kind of compatibility change.
Binary compatible and Source compatible
Whether the whole API is binary compatible or source compatible. See this document
Serialization compatible
Whether the serialization format is compatible with the previous version.
Data compatible
Whether the data, time-zone data in this case, has changed.
For example: some time zone was changed or even removed. If your database stores old timezone id and application trying to create a date object with this timezone id you’ll get an exception.
Semantic compatible
Whether there is some other semantic change. This is relevant when the classes and methods have not changed, but the meaning of a method has.
See section Serialization incompitables below
For example: v2.0 has a lot of semantic changes
Previously, DateTimeZone.forID matched time zone names case-insensitively, now it is case-sensitive
I think it always hard to separate semantic changes when dealing with bugs. For example, JDK has bug when using null as key in Map
And that was a question is this a bug or feature.
Another one example, is Apache Commons Lang library. In version 3 the methods StringUtils.isAlpha(), isNumeric() and isAlphanumeric() now all return false when passed an empty String. Previously they returned true.
Semantic looks like correlated with behavior compatibility. When changed not signatures but they flow or contract.
Also it’s often situation when behavior was just undefined by contract. For example old class Vector doesn’t declare behavior about removing elements during iteration. That’s why was created new class ArrayList and Vector was accepted as Superseded.
So, deprecation, as any changes in contract may be also some kind of semantic change.
Serialization incompitables
- http://www.javaworld.com/article/2071731/core-java/ensure-proper-version-control-for-serialized-objects.html
- http://www.jguru.com/faq/view.jsp?EID=5064
- https://stackoverflow.com/questions/11973394/how-to-support-backwards-compatible-serialization-when-refactoring-a-class-into
- https://msdn.microsoft.com/en-us/library/ms229752(v=vs.110).aspx
Compatible incopatibility
Also I think that it should be some kind of «reverse compatibility» that means a contract usage. For example, I saw an issue when subclass of HashMap doesn’t follow a contract. This change was compatible in all ways but all clients become incompatible. How to predict it, I don’t know.
Each of developer has experience when you can’t change something in your API because there is some clients that abuse it or implemented incorrectly. So it should have it’s own classification and developers should think about this kind of reverse incompatibility.
Complexity compatibility
I mean the complexity of program in wide sense: algorithm speed, it’s derivate and consumption of resources (memory, i/o, CPU, disk space), and even source code beautification and structural changes like refactoring. You know, some algorithms may use more memory but use low processor.
For example, in some early versions of 64 bit JDK your application may fail with OutOfMemory error. This was change absolutely compatible in all categories mentioned before.
Another one sample is when new version of program is working more slowly than previous.
It may not change a contract and flow or anything else may it’s also may be changes that requires an attention.
Tool for checking API and BPI
- Java API Source Compatibility Checker
- Versioning java smells for animal-sniffer
- Java API Compliance Checker (Java ACC)
- Andrey Ponomarenko developed few tools for tracking API changes like Java API Compliance Checker (Java ACC) and you can hire him.
- http://wiki.apidesign.org/wiki/SignatureTests
- https://stackoverflow.com/questions/2040693/how-to-identify-a-missing-method-binary-compatibility-in-a-jar-statically
- Clirr (used by Joda-Time)
- http://www.sab39.org/Software/Japitools/42/
- http://tattletale.jboss.org/
- Evolving Java-based APIs 2
Service provider interface (SPI)
https://stackoverflow.com/questions/2954372/difference-between-spi-and-api
https://en.wikipedia.org/wiki/Service_provider_interface
Also interesting
[LinkSet] Dependency duplicates in Maven and Jar Hell with Java Classloader
Theoretical part:
Java Classloader
Maven: Introduction to the Dependency Mechanism
What is JAR hell? (Or is it classpath hell? Or dependency hell?)
Jar Hell made Easy — Demystifying the classpath with jHades
See JHades documentation, it very useful to find overlapping jars.
Another tool for dealing with Jar Hell is Weblogic Classloader Analysis Tool.
One of the most problematic dependency is Xeres Xerces Hell. It’s a good example how not to do library.
This presentation is a great resource about Jar Hell and the different type of classpath related exceptions:
But little bit boring.
dealing with dependency chain issues in maven
Maven Enforcer plugin has extra rule
Ban Duplicate Classes
Also it should be very useful if you have legacy project that still runs under Java 6 or 7 you should avoid dependencies compiled with never Java 8.
You can use enforceBytecodeVersion
Please also make sure that you also specified requireJavaVersion (to compile), requireUpperBoundDeps, requireReleaseDeps, requirePluginVersions and other useful standard rules .
Also if you have a submodules in project it will be also useful ono-extra-enforcer-rules
So, your enforcer rules may looks like:
<plugin> <groupId>org.apache.maven.plugins</groupId> <artifactId>maven-enforcer-plugin</artifactId> <version>1.4.1</version> <executions> <execution> <id>enforce</id> <goals> <goal>enforce</goal> </goals> <configuration> <rules> <bannedPlugins> <!-- will only display a warning but does not fail the build. --> <level>WARN</level> <excludes> <exclude>org.apache.maven.plugins:maven-verifier-plugin</exclude> </excludes> <message>Please consider using the maven-invoker-plugin (http://maven.apache.org/plugins/maven-invoker-plugin/)!</message> </bannedPlugins> <requireMavenVersion> <version>3.0.5</version> </requireMavenVersion> <requireJavaVersion> <version>1.8</version> </requireJavaVersion> <requireReleaseDeps> <onlyWhenRelease>true</onlyWhenRelease> <message>No Snapshots Allowed!</message> </requireReleaseDeps> <requireUpperBoundDeps> <!-- 'uniqueVersions' (default:false) can be set to true if you want to compare the timestamped SNAPSHOTs --> <!-- <uniqueVersions>true</uniqueVersions> --> </requireUpperBoundDeps> <reactorModuleConvergence> <message>The reactor is not valid</message> <ignoreModuleDependencies>true</ignoreModuleDependencies> </reactorModuleConvergence> <requirePluginVersions> <message>Best Practice is to always define plugin versions!</message> <banLatest>true</banLatest> <banRelease>true</banRelease> <banSnapshots>true</banSnapshots> <phases>clean,deploy,site</phases> <additionalPlugins> <additionalPlugin>org.apache.maven.plugins:maven-eclipse-plugin</additionalPlugin> <additionalPlugin>org.apache.maven.plugins:maven-reactor-plugin</additionalPlugin> </additionalPlugins> <unCheckedPluginList>org.apache.maven.plugins:maven-enforcer-plugin,org.apache.maven.plugins:maven-idea-plugin</unCheckedPluginList> </requirePluginVersions> <enforceBytecodeVersion> <maxJdkVersion>1.6</maxJdkVersion> <excludes> <exclude>org.mindrot:jbcrypt</exclude> </excludes> </enforceBytecodeVersion> <banDuplicateClasses> <ignoreClasses> <!-- example of ignoring one specific class --> <ignoreClass>com.xyz.i18n.Messages</ignoreClass> <!-- example of ignoring with wildcards --> <ignoreClass>org.apache.commons.logging.*</ignoreClass> </ignoreClasses> <findAllDuplicates>true</findAllDuplicates> </banDuplicateClasses> <banCircularDependencies/> <ForbidOverridingManagedDependenciesRule> <excludes> <!-- guava in parent is too old, so allow to override it --> <exclude>com.google.guava:guava</exclude> </excludes> </ForbidOverridingManagedDependenciesRule> <ForbidOverridingManagedPluginsRule/> <ForbidDependencyManagementInSubModulesRule/> <ManageAllModulesRule/> </rules> </configuration> </execution> </executions> <dependencies> <dependency> <groupId>org.codehaus.mojo</groupId> <artifactId>extra-enforcer-rules</artifactId> <version>1.0-beta-3</version> </dependency> <dependency> <groupId>net.oneandone.maven</groupId> <artifactId>ono-extra-enforcer-rules</artifactId> <version>0.1.1</version> </dependency> </dependencies> </plugin>
Two attempts to find duplicated classes with Maven
Remove duplicate classes the agile way: Maven Duplicate Finder Plugin
Finding Duplicate Class Definitions Using Maven
Both of this plugins are discussed here:
Figuring out duplicate class definitions using the Analyze goal
Also maven-shade-plugin does check for overlapping classes during packaging of uber-jar.
Resolving conflicts using the dependency:tree -Dverbose
It shows which dependencies are duplicated (omitted for duplicate
), with are evicted with newer version (version managed from 1.6
) but it doesn’t show which dependencies was excluded.
Another one good thing that worst to do is enable Failing the build on dependency analysis warnings. Note: it binded to verify
phase that runed after package
.
JDEPS Java Dependency Analysis Tool from JDK 8
- jdeps: JDK 8 Command-line Static Dependency Checker
- https://wiki.openjdk.java.net/display/JDK8/Java+Dependency+Analysis+Tool
- Maven jdeps Plugin
- org.apache.maven.plugins:maven-jdeps-plugin:3.0.0:jdkinternals
- org.codefx.maven.plugin:jdeps-maven-plugin
- jdeps man page
Also some related articles
- Will There Be Module Hell?
- Understanding Maven Dependency Mediation (Part 1)
- Understanding Maven Dependency Mediation (Part 2)
Versions compitable
For example changelog of Joda-Time v2.9
Compatibility with 2.8
Build system — Yes
Binary compatible — Yes
Source compatible — Yes
Serialization compatible — Yes
Data compatible — Yes
— DateTimeZone data updated to version 2015g
Semantic compatible — Yes
See another [Linkset] Compatibility
Jigsaw
It is possible a situation when some two libraries wanting to use the same dependency but of different versions. Unfortunately, in this cases we can’t manage this and should use -nodep versions.
Finally this problem will be resolved in JDK 9 Jigsaw: a jar can be declared as a module and it will run in it’s own isolated class loader, that reads class files from other similar module class loaders in an OSGI sort of way.
This will allow multiple versions of the same Jar to coexist in the same application if needed.
Working with deprecation
Upgrading of dependncies may require to remove some old codebase that depends on them.
This is also should be done in right way, so here some links that may helps:
* JEP 277
* Dr. Deprecator Prescriptions: important things that you should know about obsolete Java API
Speed up maven build
It’s also related topic. The main reason why I decided to add it here is because usually during speeding up build you will find a lot of problems with dependency graph.
It will helps you to make yoir project more modulized. Also for example paralell build may fails if your tests are in conflict (shares same resources, for example integration tests may use the same port).
Dependency analyzers
- STAN Eclipse-based structure analysis tool for Java (screenshots from JavaOne and other occasions show Oracle and OpenJDK team must have used that on Java itself, too
- Class Dependency Analyzer (CDA)
- JDepend (seems a bit outdated)
Also useful
* jApiCmp japicmp is a tool to compare two versions of a jar archive
* Java API Compliance Checker: A Perl script that uses javap to compare two jar archives. This approach cannot compare annotations and you need to have Perl installed.
* Clirr: A tool written in Java that compares two libraries for binary compatibility. Tracking of API changes is implemented only partially, tracking of annotations is not supported. Development has stopped around 2005.
* JDiff: A Javadoc doclet that generates an HTML report of all API changes. The source code for both versions has to be available, the differences are not distinguished between binary incompatible or not. Comparison of annotations is not supported.
* revapi: An API analysis and change tracking tool that was started about the same time as japicmp. It ships with a maven plugin and an Ant task, but the maven plugin currently (version 0.4.1) only reports changes on the command line.
[Grails] ConfigObject
A popular question about ConfigSlurper:
Hey guys, I had in a project the following:
String variable = grailsApplication.config.grails.property.name + grailsApplication.config.grails.anotherproperty.name
And was working for almost a year but suddenly it stop working and throwing an error regarding the ConfigObject doesn’t have a plus method, did something similar happened to anyone?
Did someone knows why it was working and suddenly stop working ?
It doesn’t work because one of ‘property.name’ or ‘anotherproperty.name’ is not set.
If some option is not set, then ConfigSlurper return instance of ConfigObject.
That’s a common mistake.
Good news is that empty ConfigObject can be casted to false by the Groovy Truth.
Thus, to avoid this kind of mistakes and get null instead of ConfigObject you can use Elvis operator write something like:
// return empty list if supportedLocales isn't set grailsApplication.config.supportedLocales ?: [] // return null if defaultLocale isn't set grailsApplication.config.defaultLocale ?: null
Conditional Verbosity With Temporary Log Queues
I found a great advise in article Optimal Logging and it worth to mention separately:
When errors occur, the log should contain a lot of detail. Unfortunately, detail that led to an error is often unavailable once the error is encountered. Also, if you’ve followed advice about not logging too much, your log records prior to the error record may not provide adequate detail. A good way to solve this problem is to create temporary, in-memory log queues. Throughout processing of a transaction, append verbose details about each step to the queue. If the transaction completes successfully, discard the queue and log a summary. If an error is encountered, log the content of the entire queue and the error. This technique is especially useful for test logging of system interactions.
It’s cool idea, I’ll try in practice.
And Michael Würtinger created a SLF4J extension for doing it.