Nested packages private by default

[wildmaples]

Currently, all nested packages are accessible by any other package. We may want to reconsider this model so that nested packages are not "exported" by default, unless explicitly requested by the parent package:

# tree
.
└── foo
    ├── package.yml
    └── bar
        └── package.yml

# cat foo/package.yml
enforce_privacy: true
enforce_dependencies: true
dependencies:
  - "foo/bar"
export_packages:
  - "foo/bar"

This would allow those who depend on foo to be able to also access bar, otherwise any access to or dependency on bar would be a violation. If we want to export a subset of bar to the rest of the world, we would use aliasing:

# cat foo/app/public/foo/stuff.rb
module Foo
  Stuff = ::Foo::Bar::Stuff
end

We've briefly described a project where packages could put more constraints on incoming edges (in the dependency graph).

@thegedge sees two possibilities for those constraints: a whitelist option or a blacklist option (not both). In this case, we would whitelist the parent package in the nested package, which means any other package would be a violation.