The concern, for me, is whether the onus is on the developer or on the tools. For example, if I write a method:
public String getTheValue() { return map.get("value");} with no annotation, the assumption is the return value of getTheValue is always non-null even though java.util.Map does not make any such guarantee. So now, the onus is on me, as the developer to write public @Nullable String getTheValue() { return map.get("value");} I can do this, but the reality is that I'm lazy and I'm probably going to forget and there's a high likelihood that nobody is going to call me out on it during code review because it's one small function in a 5,000 line PR :) For me, I'd much rather have the static analysis tool assume that anything not annotated might possibly be null so that when I write the following, I get a bug during the build: String foo = getTheValue(); return foo.length(); Now the tool is actually doing its job of reminding me that I'm using a value without having checked for nullability and if I want to avoid that warning (maybe because I'm using a special java.util.Map), I need to update my annotations. Given that the Iceberg codebase doesn't use these annotations, I think we'll be dealing with nullable values far more often than non-nullable ones. Mike On Tue, May 27, 2025 at 2:25 PM Eric Maynard <eric.w.mayn...@gmail.com> wrote: > Right, but I think Michael is correct that when something comes from > outside of Polaris, we have to assume it’s nullable even if it’s not > annotated as such. > > Also as we are using CDI, it may not be clear whether an implementation of > an interface is coming from “Polaris code” and therefore what assumptions > can be made about the nullability of its members. > > Given these considerations, I think developers are forced to do their own > due diligence for nullability when working with non-annotated members. If > we would go with option 1, this means developers are encouraged to do the > opposite and forego a nullability check on non-annotated members. That > seems dangerous. > > Another argument against option 1 is that for better or for worse most > variables in Polaris are in fact nullable. If we have the choice between > annotating 90% of variables and annotating 10%, I prefer the latter. > > On Tue, May 27, 2025 at 2:12 PM Dmitri Bourlatchkov > <dmitri.bourlatch...@dremio.com.invalid> wrote: > > > Yes, the idea is to simplify things by using only one of @Nullable > > and @Nonnull in Polaris code. > > > > However, I lean toward using @Nullable when necessary and assume @Nonnull > > by > > default. Again this is only for Polaris code. > > > > Cheers, > > Dmitri. > > > > On Tue, May 27, 2025 at 5:07 PM Eric Maynard <eric.w.mayn...@gmail.com> > > wrote: > > > > > If we've checked something is non-null or received a non-null value > from > > a > > > library, we can continue annotating it as @Nonnull within Polaris. We > can > > > also use Optional to get similar functionality to typescript's ? and > > handle > > > missing values that way. > > > > > > In all other cases, developers must assume any given reference can be > > null > > > and do their own checks. It seems to me that there is no need for > > @Nullable > > > in that case. That is, if we label everything that cannot be null as > > > @Nonnull and everything that can be null as @Nullable, then every > > reference > > > should be annotated as one or the other. We can simplify things by just > > > removing the @Nullable annotations. > > > > > > --EM > > > > > > On Tue, May 27, 2025 at 1:56 PM Dmitri Bourlatchkov <di...@apache.org> > > > wrote: > > > > > > > Your example is quite valid, Mike. In my proposal (several emails > ago) > > > I'd > > > > classify this as "inputs into Polaris code". > > > > > > > > However, I guess the topic of this thread is slightly different. The > > > > question we're trying to reach consensus on, is about what we should > > > > annotate as @Nullable in Polaris code. > > > > > > > > I'd say if a value is received from external code, which is not > > > annotated, > > > > and returned from a Polaris method without validation, and the > returned > > > > value can reasonably be null, then the Polaris method should be > > annotated > > > > as @Nullable. However, if Polaris code checks the value to be > non-null, > > > the > > > > return value need not be annotated in Polaris. > > > > > > > > Does this sound reasonable? > > > > > > > > Thanks, > > > > Dmitri. > > > > > > > > On Tue, May 27, 2025 at 4:34 PM Michael Collado < > > collado.m...@gmail.com> > > > > wrote: > > > > > > > > > I generally assume the other way around. Many (most) libraries > don't > > > > > annotate the return values of their methods, so I assume everything > > is > > > > > nullable unless specifically told otherwise. I would prefer > > everything > > > be > > > > > non-nullable unless specifically stated (the ? is the one thing I > > would > > > > > steal from typescript if I could), but given that library code > can't > > be > > > > > modified to be explicit when null return values are possible, I > don't > > > > think > > > > > we can make that assumption. > > > > > > > > > > Mike > > > > > > > > > > On Thu, May 22, 2025 at 10:57 AM Dmitri Bourlatchkov < > > di...@apache.org > > > > > > > > > wrote: > > > > > > > > > > > My preference is for option 1 below. > > > > > > > > > > > > On Thu, May 22, 2025 at 1:53 PM Alex Dutra > > > > <alex.du...@dremio.com.invalid > > > > > > > > > > > > wrote: > > > > > > > > > > > > > Hi, > > > > > > > > > > > > > > My proposal was centered around compile-time checks and targets > > > > mostly > > > > > > > developers and contributors. I am not questioning the > usefulness > > of > > > > > > > runtime checks when these make sense. > > > > > > > > > > > > > > Maybe an example is better than a thousand words. Let's > imagine a > > > > > > > simple getOrDefault() method. Which version do you prefer? > > > > > > > > > > > > > > 1. Annotate only nullable items: > > > > > > > public String getOrDefault(@Nullable String s, String def) { > > > return s > > > > > > > == null ? def : Objects.requireNonNull(def); } > > > > > > > > > > > > > > 2. Annotate only non-null items: > > > > > > > @Nonnull public String getOrDefault(String s, @Nonnull String > > def) > > > { > > > > > > > return s == null ? def : Objects.requireNonNull(def); } > > > > > > > > > > > > > > 3. Annotate everything: > > > > > > > @Nonnull public String getOrDefault(@Nullable String s, > @Nonnull > > > > > > > String def) { return s == null ? def : > > > Objects.requireNonNull(def); } > > > > > > > > > > > > > > Many places in Polaris are using option 3, which is too verbose > > and > > > > > > > leads to visual fatigue. What I was suggesting to the community > > is > > > to > > > > > > > adopt option 1, that reduces the visual clutter and also > assumes > > > > > > > non-null by default. > > > > > > > > > > > > > > (You will notice that I added a runtime check to all three > > > versions.) > > > > > > > > > > > > > > Hope that helps to clarify the discussion. > > > > > > > > > > > > > > Alex > > > > > > > > > > > > > > On Wed, May 21, 2025 at 8:54 PM Yufei Gu <flyrain...@gmail.com > > > > > > wrote: > > > > > > > > > > > > > > > > > > > > > > > > > > In my opinion, assuming everything is nullable by default > > isn't > > > > the > > > > > > > > > best approach for writing robust code. I believe a bias > > towards > > > > > > > > > non-nullness leads to more reliable systems. > > > > > > > > > > > > > > > > I agreed with the intention, but am concerned that assuming > > > > > everything > > > > > > is > > > > > > > > non-nullness may discourage null-checking, which is > problematic > > > as > > > > > > > runtime > > > > > > > > null-checking isn't a thing. > > > > > > > > > > > > > > > > Yufei > > > > > > > > > > > > > > > > > > > > > > > > On Wed, May 21, 2025 at 9:52 AM Alex Dutra > > > > > > <alex.du...@dremio.com.invalid > > > > > > > > > > > > > > > > wrote: > > > > > > > > > > > > > > > > > Hi Eric, > > > > > > > > > > > > > > > > > > You're right that annotations don't change the bytecode at > > > > runtime. > > > > > > > > > Their real value comes during compilation, as many static > > > > analysis > > > > > > > > > tools use them to flag potential issues. They can even > cause > > > > build > > > > > > > > > failures depending on how you configure them. My IDE > > (IntelliJ) > > > > > > > > > frequently warns me when I forget to handle a potential > NPE; > > if > > > > > > you're > > > > > > > > > not seeing similar feedback, it might be worth checking > your > > > IDE > > > > > > > > > settings. > > > > > > > > > > > > > > > > > > While the annotations are primarily for compile-time > checks, > > > that > > > > > > > > > doesn't mean we can't also incorporate runtime checks. We > > > should > > > > > aim > > > > > > > > > to include these whenever this makes sense, for example by > > > using > > > > > > > > > Guava's Preconditions. This is especially useful if we > can't > > > > > > guarantee > > > > > > > > > that a method parameter, for instance, will never be null, > > > > because > > > > > > > > > it's being provided by some external system. > > > > > > > > > > > > > > > > > > In my opinion, assuming everything is nullable by default > > isn't > > > > the > > > > > > > > > best approach for writing robust code. I believe a bias > > towards > > > > > > > > > non-nullness leads to more reliable systems. > > > > > > > > > > > > > > > > > > I am also a big fan of Optional and think we should strive > to > > > use > > > > > it > > > > > > > > > as much as possible. That said, it's not always possible, > > > > > especially > > > > > > > > > if you are implementing a third-party interface that > doesn't > > > use > > > > > it. > > > > > > > > > Using Optional in class fields and method parameters is > also > > > > > > > > > controversial: Optional was designed primarily as a signal > > from > > > > the > > > > > > > > > callee to the caller, to signify: "no result". In other > > words, > > > > its > > > > > > > > > main purpose is to clarify method return types. This post > on > > > > Stack > > > > > > > > > Overflow by Brian Goetz is worth reading: [1]. > > > > > > > > > > > > > > > > > > Thanks, > > > > > > > > > > > > > > > > > > Alex > > > > > > > > > > > > > > > > > > [1]: > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > https://stackoverflow.com/questions/26327957/should-java-8-getters-return-optional-type/26328555#26328555 > > > > > > > > > > > > > > > > > > > > > > > > > > > On Wed, May 21, 2025 at 4:37 PM Eric Maynard < > > > > > > eric.w.mayn...@gmail.com > > > > > > > > > > > > > > > > > wrote: > > > > > > > > > > > > > > > > > > > > Thanks for bringing this up as I’ve been confused by > this a > > > few > > > > > > > times. > > > > > > > > > > > > > > > > > > > > Before Polaris I hadn’t really encountered these > > annotations > > > > and > > > > > I > > > > > > > was > > > > > > > > > > surprised to learn they don’t “do anything” — that is, > > there > > > is > > > > > no > > > > > > > > > > additional safety you get at runtime when a null value is > > > > passed > > > > > > > into a > > > > > > > > > > parameter marked non-null. Similarly nothing enforces > that > > > you > > > > > > handle > > > > > > > > > null > > > > > > > > > > values when something is annotated as nullable. > > > > > > > > > > > > > > > > > > > > For that reason, I tend to assume everything is nullable > > > > > regardless > > > > > > > of > > > > > > > > > > annotation and I would be in favor of standardizing > around > > > that > > > > > > > > > assumption. > > > > > > > > > > Iff something is annotated as Non-null a developer should > > > feel > > > > > safe > > > > > > > > > > skipping a check for null, but otherwise they should > handle > > > > null. > > > > > > > > > > > > > > > > > > > > I am a big fan of Optional and of trying to reduce the > > usage > > > of > > > > > > null > > > > > > > as > > > > > > > > > > much as possible though. > > > > > > > > > > > > > > > > > > > > On Wed, May 21, 2025 at 3:02 PM Alex Dutra > > > > > > > <alex.du...@dremio.com.invalid > > > > > > > > > > > > > > > > > > > > wrote: > > > > > > > > > > > > > > > > > > > > > Hi all, > > > > > > > > > > > > > > > > > > > > > > A while ago, we had a discussion regarding which > nullness > > > > > > > annotations > > > > > > > > > > > to use and whether we should consider favoring non-null > > by > > > > > > > default. I > > > > > > > > > > > would like to revive that discussion. > > > > > > > > > > > > > > > > > > > > > > We are currently using the `jakarta.annotation` package > > > > > > > consistently, > > > > > > > > > > > but the defaults are not clear: should we consider > > > everything > > > > > as > > > > > > > > > > > non-null by default and only annotate the nullable > > things, > > > or > > > > > the > > > > > > > > > > > other way around? Some classes are cluttered with both > > > > > > annotations, > > > > > > > > > > > which seems unnecessary and confusing. > > > > > > > > > > > > > > > > > > > > > > I would personally be in favor of considering > everything > > as > > > > > > > non-null by > > > > > > > > > > > default. > > > > > > > > > > > > > > > > > > > > > > Please let me know your thoughts. > > > > > > > > > > > > > > > > > > > > > > Alex > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > >