- activation-1.1.jar
- asm-3.1.jar
- axiom-api-1.2.12.jar
- axiom-dom-1.2.12.jar
- axiom-impl-1.2.12.jar
- axis-1.1.jar
- axis2-adb-1.6.1.jar
- axis2-codegen-1.6.1.jar
- axis2-kernel-1.6.1.jar
- axis2-mtompolicy-1.6.1.jar
- axis2-transport-http-1.6.1.jar
- axis2-transport-local-1.6.1.jar
- axis2-xmlbeans-1.6.1.jar
- commons-beanutils-1.7.0.jar
- commons-beanutils-core-1.7.0.jar
- commons-codec-1.3.jar
- commons-collections-3.2.jar
- commons-configuration-1.2.jar
- commons-digester-1.7.jar
- commons-discovery-0.2.jar
- commons-fileupload-1.2.jar
- commons-httpclient-3.0.1.jar
- commons-lang-2.1.jar
- commons-logging-1.0.4.jar
- commons-logging-api-1.0.4.jar
- dac-client.jar
- dealer-locator-pojos.jar
- DealerLocatorWebServices-client-1.1.4.jar
- dom4j-1.4.jar
- ehcache-core-2.3.0.jar
- ehcache-web-2.0.3.jar
- ejb-api-3.0.jar
- httpcore-4.0.jar
- isorelax-20020414.jar
- jackson-core-asl-1.7.1.jar
- jackson-jaxrs-1.7.1.jar
- jackson-mapper-asl-1.7.1.jar
- jackson-xc-1.7.1.jar
- javax.ejb_3.0.1.jar
- javax.jms.jar
- jaxb-api-2.2.2.jar
- jaxb-impl-2.2.3-1.jar
- jaxen-1.1.1.jar
- jaxrpc.jar
- jersey-core-1.6.jar
- jersey-json-1.6.jar
- jersey-server-1.6.jar
- jettison-1.1.jar
- log4j-1.2.8.jar
- mex-1.6.1-impl.jar
- msv-20020414.jar
- neethi-3.0.1.jar
- ojdbc6.jar
- opensaml-2.2.3.jar
- pagination-lib.jar
- quartz-1.6.6.jar
- quartz-1.7.2.jar
- rampart-core-1.6.1.jar
- rampart-policy-1.6.1.jar
- rampart-trust-1.6.1.jar
- relaxngDatatype-20020414.jar
- saxpath-1.0-FCS.jar
- service-pojos.jar
- slf4j-api-1.5.11.jar
- slf4j-jdk14-1.6.1.jar
- stax-api-1.0-2.jar
- stax-api-1.0.1.jar
- tbgv2util.jar
- TMSFramework-2.2.46.jar
- TMSIntegrationFramework-0.0.216.jar
- TMSMessagingFramework-0.0.11.jar
- TMSUserMgmtFramework-1.0.108.154.jar
- warranty-maintainence-pojos.jar
- wiztools-commons-lib-0.2.0.jar
- woden-api-1.0M9.jar
- woden-impl-dom-1.0M9.jar
- wsdl4j-1.6.2.jar
- wss4j-1.5.12.jar
- xalan-2.7.0.jar
- xercesImpl-2.2.1.jar
- xml-apis-1.0.b2.jar
- xmlbeans-2.2.0.jar
- XmlSchema-1.4.7.jar
- xmlsec-1.4.5.jar
- xmltooling-1.2.0.jar
I, myself, have never created an application that uses 85 jars.
Making things worse, the app was running on a heavy weight app server (Web Logic) that added many more classes to the classpath, classes that do not show up in the above list. These included the entire stack of J2EE classes. Plus other classes that WebLogic thinks you might need.
Problem: Any app with this many classes in the classpath will surely have some accidental duplicate classes, possibly even multiple versions of the same class. This can be the source of very hard to track bugs.
This was, in fact, the source of the bugs in this particular application.
Moving forward, I would recommend the following:
Making things worse, the app was running on a heavy weight app server (Web Logic) that added many more classes to the classpath, classes that do not show up in the above list. These included the entire stack of J2EE classes. Plus other classes that WebLogic thinks you might need.
Problem: Any app with this many classes in the classpath will surely have some accidental duplicate classes, possibly even multiple versions of the same class. This can be the source of very hard to track bugs.
This was, in fact, the source of the bugs in this particular application.
Moving forward, I would recommend the following:
- Add libraries and jars to your app very judiciously.
- Be careful of build tools that might recursively suck in unneeded library dependencies.
- Beware of any 3rd party libraries that require a whole bunch of other 3rd party libraries to work.
- When a 3rd party library comes with 10 other 3rd party libraries that it depends on, those other libraries might be optional libraries and not needed for your app.
- Avoid app servers that litter the classpath with unneeded libraries.
- Be especially cautious of putting classes in your app servers global (cross-web-app) lib folder.
- This entire problem starts to goes away as we move toward a more micro-service style architecture.
1 comment:
That seemed like a lot of jars, but I looked at a relatively basic app I have and it clocked in at 59 jars. Part of this is Spring, which I know you're not a fan of. Another issue is a trend in bigger open source projects favoring breaking up jars so you have to include more of them, but overall you're including less code than when they were bundled and inseparable. Technically, dependency managers should reduce some of the duplication, but you're relying on a 3rd party set of metadata. Reviewing what they include is a good idea. I've had projects break because Ivy grabbed unnecessary dependencies. That's another thing - I try to use dependency databases directly from the source, which hopefully cuts down on that, as well as specify versions whenever it makes sense.
Post a Comment