Abandoned Sandboxes


In the ASF there is the concept of a “Sandbox”. A sandbox is a portion of the Subversion repository that has relaxed commit rules; for example, (I believe) the Commons Sandbox is open to all committers in the ASF. So, anyone with a good idea can come along and just commit some code, and the plan is that (eventually) it’ll be picked up by others with the same interest, and the project will be promoted to the real project.

Now, forgive me, if my information is somewhat dated. I know there is the concept of the ASF Labs, but I’m not sure if the sandbox idea is deprecated yet. I believe people are still forging ahead in various sandbox areas (I think Maven has a sandbox, I know Codehaus Mojo has a sandbox). And, the verdict on having a sandbox is generally positive. It is a lower bar of entry for a new codebase, it is something less than the Incubator, and (honestly) I could care less to get into some philosophical argument about what the right path is for a particular set of code. Therefore, the sandbox can be a good thing.

Dead Sandbox Code

The problem comes when a piece of sandboxed code becomes dormant (I’m just going to go out on a limb and say that the code in question is “dead”. I know people don’t like that term because code never “dies” so to speak.) One example is commons-exec, someone asked me about commons-exec today, and I checked it out. It looks fairly dormany the Maven date on the site is from 2005, and from the looks of it, it is very inactive.

My response to my colleague was: “Avoid it, it isn’t released and it isn’t active. Don’t depend on code in the sandbox.” And, it’s a shame because it looks like it does exactly what he needs. Putting code in a sandbox and then just leaving it there to rot is an annoyance, and I’m comgin around to the idea that *every* project in a sandbox should have an expiration date. Sure, I guess my reaction *should* have been, wow, that code is a great match, I’ll involve myself with that codebase and then champion the release on commons-dev.

In general, if you put something in a sandbox, don’t just leave it there. Either release something or propose its removal.

What’s even worse about this particular package is that I’m sure people are depending on it. And this is why the sandbox is a mixed blessing, it reduces the bar, but without discipline it creates what I think Java is becoming known for – half-assed, unfinished, lightly-documented open source noise.