[e-lang] Joe-E 2.0 Release
tyler.close at gmail.com
Sun Mar 9 09:02:15 EDT 2008
On Sat, Mar 8, 2008 at 11:29 PM, David Wagner <daw at cs.berkeley.edu> wrote:
> There's a part of me that thinks this'd feel safer if the Joe-E
> verifier added the @org.joe_e.verified annotation itself after verifying
> the .java file, rather than having the programmer place that in the
> .java file beforehand.
Does that same part of you feel it would be safer to do similarly with
the org.joe_e.Immutable marker interface? It similarly cannot be
trusted unless the code has actually passed the Joe-E verifier. I
think it must always be up to the recipient of Joe-E code to ensure
the code passes the verifier before using it. There's not much
assurance to be had when adding Java code to your application without
passing it through the verifier. That code could do anything.
More information about the e-lang