--
You received this message because you are subscribed to the Google Groups "jspecify-discuss" group.
To unsubscribe from this group and stop receiving emails from it, send an email to jspecify-discu...@googlegroups.com.
To view this discussion on the web visit https://groups.google.com/d/msgid/jspecify-discuss/d3ac586a-ad61-4b1b-be96-5da91e8018f2n%40googlegroups.com.
There are a bunch of annotations that fit the vein of `@Nullable` that java simply doesn't have - things that have _all_ of these properties:* They are useful from a 'how do I use this API?' perspective; javadoc should be mentioning it at the very least.* Useful static analysis can be performed that isn't going to work nearly as well without it.* It's already commonly -used- in java, both in the core libs and the wider community. Though, not always all that well documented and static analysis tools currently just flat out get it wrong from time to time, or don't analyse it, because there are no annotations.
Some are well known (I'm sure you're all thinking of something like `@SideEffectFree` or `com.google.errorprone.annotations.@CanIgnoreReturnValue`).
There's a new use case I ran across. I'm not personally familiar with any framework / annotation library that has an annotation for it:`@ResourceResponsibilityTransfer` (the name needs work).
I'm guessing the focus lies with nullity now and that's entirely understandable. Just in case 'start listing future stuff JSpecify should try to cover' is within scope at this point, I thought I'd check in :)
> These seem esoteric, and if they are, we should ignore them.
Rather unfortunately, not every filterstream transfers close. So I'm not sure it's actually wise to treat `new BufferedOutputStream(x)` as: That means you have fully relinquished all control over x and should never use/pass it again.
Still, I'm pretty sure that objectively speaking the correct approach is to state that __all__ subtypes of FilterStreams should necessarily promise to close underlying safely (the compiler can't enforce that, but then, it can't enforce the rule that if `a.equals(b)` that `a.hashCode() == b.hashCode()` either. But it needs to be documented),
> [the link to the long term roadmap]Duh, I should have checked the wiki.
On Wednesday, September 27, 2023 at 8:31:16 PM UTC+2 kev...@google.com wrote:On Wed, Sep 27, 2023 at 5:13 AM Reinier Zwitserloot <rein...@gmail.com> wrote:There are a bunch of annotations that fit the vein of `@Nullable` that java simply doesn't have - things that have _all_ of these properties:* They are useful from a 'how do I use this API?' perspective; javadoc should be mentioning it at the very least.* Useful static analysis can be performed that isn't going to work nearly as well without it.* It's already commonly -used- in java, both in the core libs and the wider community. Though, not always all that well documented and static analysis tools currently just flat out get it wrong from time to time, or don't analyse it, because there are no annotations.Wow. I don't have to give my "we only ever want to have annotations that meet these 3 criteria" speech! This is basically exactly how I've seen the boundaries of our scope. The annotations that fit these criteria tend to "feel almost like a language feature". And I'm determined to hold that line, to keep our library small and flat.Here's my personal list of candidates, in a rough approximate order of important/soon to just-spitballing. That's not an official by-consensus plan, just domains we happen to be addressing with some success internally to Google.That page makes more sense in a universe where a lot of energy is pouring into JSpecify from the partner orgs and the wider community. That waveform hasn't collapsed yet -- er, I don't know if that will prove to be the case.Some are well known (I'm sure you're all thinking of something like `@SideEffectFree` or `com.google.errorprone.annotations.@CanIgnoreReturnValue`).Yes! At Google we recently got "must use return value" enabled as the default behavior for all Java code, and learned a ton from that process, and standardization would be great. The overall mess of "policy regarding state" annotations is intricate and I'd hope to get a reasonable picture of the whole space before actually starting to design a part of it. I've put some time into that as well, but not shared anything yet.There's a new use case I ran across. I'm not personally familiar with any framework / annotation library that has an annotation for it:`@ResourceResponsibilityTransfer` (the name needs work).I agree that this is another great example. The use case is methods returning types like Stream and CharSequence, where no matter how much we know about their different subtypes' policies, the abstract throws that info out anyway. We have to preserve it somehow. The wiki page I linked to only mentions `@MustBeClosed` but yeah, I suppose perhaps we have at least three states.There's a whole other kind of responsibility-transfer as well. When you call `synchronizedList(myList)` you relinquish your rights to the reference you pass. That reference shouldn't be used again, nor leak from the current context (before or after the call). In the other direction, "method promises to relinquish the returned instance". These seem esoteric, and if they are, we should ignore them. If they're common yet don't tend to catch many bugs in practice, same. I seem to remember convincing myself that this kind of thing happens a lot, but :shrug: on the second part.I'm guessing the focus lies with nullity now and that's entirely understandable. Just in case 'start listing future stuff JSpecify should try to cover' is within scope at this point, I thought I'd check in :)--We just had to pick the hardest area of them all to tackle first, and now it's been years, and it's not clear how much appetite people will have for "let's keep going to do more things". But I can at least say that it's been my explicit aspiration from the start (I wouldn't have gotten involved otherwise), and I haven't heard anyone explicitly argue the other side (we should stop at nullness).Please keep your deep thoughts coming, this is great.
--
You received this message because you are subscribed to the Google Groups "jspecify-discuss" group.
To unsubscribe from this group and stop receiving emails from it, send an email to jspecify-discu...@googlegroups.com.
To view this discussion on the web visit https://groups.google.com/d/msgid/jspecify-discuss/fd8f8de6-bccb-4342-bc46-bfd43dfff2b2n%40googlegroups.com.