Split Capabilities: Making Capabilities Scale
Mark S. Miller
Wed, 09 Aug 2000 09:24:38 -0700
At 04:42 AM 8/9/00 , Jonathan S. Shapiro wrote:
> > I guess the real difference we have is what constitutes a contract. I
> > contend that the part of the contract represented by any thinning facet is
> > inadequate.
>I don't think I ever claimed that the thinned facet provided adequate
>knowledge or represented an adequate statement of contract for the
>programmer. I still think that you are failing to differentiate what the
>programmer knows from what the program knows in your argument.
I'll go ahead and make this claim, for particular cases of facets of a
composite, whether thinning facets or not. (Note that the incr/decr
example used by much of this discussion has facets, but not thinning
facets.) Ralph's example is an excellent case of an adequate contract being
stated -- for other programmers, not just for other programs -- of a
decrement facet of a similar composite. Probably in fact the programmers in
this scenario would know of the existence of the other facets, and it is
probably a good idea to run a shop such that they would know. However,
rather than preventing trouble (or, at least, in addition to preventing
trouble), this extra knowledge also gets them into trouble:
It is harder to avoid counting on what you know than to avoid counting on
what you don't know.
Much of the point of a contract is to avoid stating what your clients aren't
supposed to count on. The provider may then make future changes that
continue to satisfy his stated contract, and hope not to break too many of
This pristine theory usually fails because there's rarely an articulated and
explicit contract between provider and client. Both then use partial shared
knowledge (or model) of the implementation, combined with a shared sense of
what properties are intentional vs accidental. However, in this more
typical scenario, it can still be good for the provider to hold back from
the client information the client shouldn't count on, and for the same
reason. As Ralph's example demonstrates, the information that should be
withheld may include knowledge of other facets.
Perhaps we need to clarify which programmer you mean by "the programmer" above.