The "exposes" Keyword in Java

-

Don't worry. You have not been sleeping under a rock for the past few years. There is no such keyword in Java. It's just something I wish for Christmas.

It's great that Java modules finally allow us to truly seal off our carefully crafted API surfaces, without clients being able to crack them open anyway using reflection. If a module does not "open" a package to the outside world, there is no way you can access its private and package-private members. No more reflectively setting a private field's accessible flag to true and force it to yield or change its value.

Unfortunately, you can also no longer use reflection to dynamically read/write public fields or execute public methods. It does not matter whether the fields and methods hail from an exported or non-exported package. As long as the module does not also open the package, any reflection is off limits. In fact you no longer have any self-contained (purely programmatic) way of knowing what public fields and methods there are in the first place. That, after all, requires calls to methods like Class.getFields() and Class.getMethods(). That's reflection and hence forbidden.

If, on the hand, you do open the package, it abruptly becomes the free-for-all-do-whatever-you-like playground again that it was before Java modules came along. 

This choice is too extreme, I think. We need an in-between option that allows us to ask what public fields and methods there are, but nothing else — without us immediately transitioning into Greek deities that than can wreak havoc as we please with the internals of the class. Dynamically reading/writing public fields is still forbidden with this option, as is dynamically executing public methods. This option would be enabled via the "exposes" keyword (or whatever other keyword the Java language architects prefer instead). Thus, a module can export, expose or open a package.

Why would you want to know what public fields and methods a class has if you can't do anything with that knowledge? But you can! Just not via reflection. Slightly predating Java modules are method handles and the java.lang.invoke package (they were introduced in Java 7). Interestingly, while method handles also enable dynamic method invocation, using method handles to dynamically execute a public method does not require that the package containing the method is open. Just exporting the package gives clients enough privilege to request a MethodHandle for a public method or a VarHandle for a public field.

Thus, if only  the JVM could let us know just what the public fields and methods are, we could dynamically read/write/execute them, while the module that submits itself to this can rest assured that we won't do, and won't be able to do the invasive things that reflection allows us to do.

Comments

Post a Comment

Popular posts from this blog

LinkedList - Lost Opportunity?

-
Image
I've always found LinkedList a bit of a strange bird among the Collections Framework classes. By rights it should probably come right after ArrayList , HashMap , HashSet and LinkedHashMap as a general-purpose collection class, but it never quite provided the functionality I needed — and expected from a linked list implementation. Internals It seems like the makers of LinkedList were very intent on emphasising its queue-like potential and it is easy to see why. A linked list consists of a series of "nodes" . A node contains a value, a reference to the previous node and a reference to next node. In addition, a linked list maintains a reference to the first node and a reference to the last node. With this setup, queue-like operations like push, pop, shift and unshift become cheap and simple. To push 54 onto the list, wire it up to 13 and make tail point to 54. To pop 13 off the list, just make tail point to 33 and nullify the reference from 33 to 13. Using a linked l...
Read more

Type Maps

-
Every so often I run into a problem that would just really neatly be solved by something I have come to call a TypeMap . The problem may not be so common that you would expect the JDK itself to provide a ready-made class for it. To me, hoewever, it seemed common enough that I was suprised to be unable to google my way towards the functionality I was after. Actually, I did stumble upon a class named exactly that: TypeMap . It was buried deep inside the JDK code base itself. And with a name like that, how could it not have the functionality I was after? But the class was in one of those not-for-you-earthling packages, so I didn't check. So what does a TypeMap do? Obviously i t is a type of Map . And also rather obviously, it is a Map whose keys are Class objects. But its get() and containsKey() methods behave in a way that clearly takes it beyond a regular map. They rely on, and leverage the structure of the Java type hierarchy to retrieve a value for the requested key. ...
Read more