avalon-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Peter Donald <dona...@apache.org>
Subject Re: Coding Standards Update
Date Mon, 25 Jun 2001 09:29:56 GMT
On Mon, 25 Jun 2001 19:16, Charles Benett wrote:
> Berin Loritsch wrote:
> > I beleive we need to go through our Coding Standards document,
> > purge some items (since they do not apply to modern JVMs) and
> > incorporate ideas from this list of documents:
> >
> > Twelve rules for developing more secure Java code
> > -------------------------------------------------
> > http://www.javaworld.com/javaworld/jw-12-1998/jw-12-securityrules_p.html
> I see what they mean, but, like the Leo's, I don't think we should
> blindly apply them here.
> First, from the Open source point of view, it is generally bad to make
> classes and methods final, unless there is some overriding reason. We
> are a constantly shifting target.

If you recall, at one stage I went through the whole Avalon code base and 
made 90% of the private methods/variables protected for this very reason. 
However later when we were talking about going beta I went back and 
finalized/privatized all the methods again. It was less a security thing and 
more a support thing. By making the variables/methods private/final it does 
make it a little more difficuly  to extend. 

However people who want to extend foo, now just drop a note on list to say - 
make X protected or similar. This makes it easier to support various use 
cases or refactor our code so that it is more reusable.

As for things like

if( !initialize ) throw Exception( "Evil code will fail!" );
if( !initialize ) return;//silently ignore violation

I tend to agree. When Phoenix is further developed it will actually 
specifically disable this by passing proxied version of work interfaces and 
thus you will never be able to get access to original object before it is 
initialized or after it is destructed (proxy reference will be nulled out 
before this).



| "Faced with the choice between changing one's mind, |
| and proving that there is no need to do so - almost |
| everyone gets busy on the proof."                   |
|              - John Kenneth Galbraith               |

To unsubscribe, e-mail: avalon-dev-unsubscribe@jakarta.apache.org
For additional commands, e-mail: avalon-dev-help@jakarta.apache.org

View raw message