Better Dependency Hygiene With Private Dependencies On JVM
A common pain when working with large projects is the diamond dependency. Consider a commonly used library such as ASM. One wants to build a big application reusing many powerful libraries, but unfortunately many of my desired dependencies themselves depend on different and incompatible versions of ASM. While compiling my code, since ASM does not appear in any APIs I touch, everything compiles fine, but at runtime the JVM only includes one version of classes of a given name leading to runtime binary errors.
OSGI Bundles are related to solving this problem, but it appears that is a heavy solution that has proven to be too cumbersome to actually use. Here we propose a lighter weight approach that benefits each incremental project that adopts this method.
Private dependencies are implemented by a build tool plug-in. In the build where one declares dependencies, one can label a jar dependency to be a private dependency. A private dependency means tha