Newsgroups: php.internals
Path: news.php.net
Xref: news.php.net php.internals:106822
Return-Path: <andreas@dqxtech.net>
Delivered-To: mailing list internals@lists.php.net
Received: (qmail 18200 invoked from network); 31 Aug 2019 04:08:29 -0000
Received: from unknown (HELO mail-qt1-f193.google.com) (209.85.160.193)
  by pb1.pair.com with SMTP; 31 Aug 2019 04:08:29 -0000
Received: by mail-qt1-f193.google.com with SMTP id a13so9757150qtj.1
        for <internals@lists.php.net>; Fri, 30 Aug 2019 18:41:16 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
        d=dqxtech-net.20150623.gappssmtp.com; s=20150623;
        h=mime-version:references:in-reply-to:from:date:message-id:subject:to
         :cc:content-transfer-encoding;
        bh=HBzGJ1WzXIWPRd65+yPmJHq9EFTdBJMu0LqNYKR5I40=;
        b=MJr71iiWpM4kteX2HzJVkonCKgUf44H5QyzG745tHNhNv+3eVpXObIcH7mAMda0U3p
         ThCJZ77tNfrkBD5jMMtnpewHNz9st2c+WxVJMqI7bgTF+zEf3hhn7pX+IFg6tTly8CTp
         z52ALRHqemoRYeZZQrY3u4OS2rWFctB/sHddCa0exR8l58RZZVDPRmJjPcSKNZ1gDPBA
         SDdHgy3en6jx0iK63BA6ZiTfKY12DhwEKdfZTlaGLQ1jNdTEbfDAOTXEuOHFNYCKcvR6
         rd+XQWgPDNHJTnPX0Bz4OlconoJohPpaquyrAB/FOBqqqsvdAgsOnhX1jZ8zGkgf5JfD
         fIIw==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
        d=1e100.net; s=20161025;
        h=x-gm-message-state:mime-version:references:in-reply-to:from:date
         :message-id:subject:to:cc:content-transfer-encoding;
        bh=HBzGJ1WzXIWPRd65+yPmJHq9EFTdBJMu0LqNYKR5I40=;
        b=KD41juaYCDIWVFOYjTRxfDEpNR7Jy1+G1pPun8AeVgzBwZ+wrZXakQtev6YZNHhfE5
         y9AWvL6PrK/TzWzrPRCbalAXXj1gLDhu7xz8wigHkmVj2YLzeWt1855figfqiIyIk5SW
         /Cw1ocw4E/kGZBMwBHEA7VWdPjfnt61hBzLbIYFxEOb42XW/jFNevxui0XwZJkrYdzA0
         +t27p2xB2EKNAbI4PEaiVdH/BdYj3OLg4w6SdhCDg+Byjlelf5vWWWXqYDA7vWZNJ3oV
         6JNX/3cHAhiL82tOHJbjnzWhBsLSVPBUXdLf6fYMlsCe/uTM7shjr+0Dx+UQ65H8LYX4
         MwiA==
X-Gm-Message-State: APjAAAUtmJ1XGLSv0aL4r5RFJxC2Z7HN8oaJh+qW+RshjoXgXX7CyZ1L
	iCNc+m7jK48LC2lwZFhn6qKZhiXKHyw=
X-Google-Smtp-Source: APXvYqyrG9mPLv5CoAyiM8N4b9vRKLnrkHJQ6jRp13Pndot/eO46vS5QNOCfBty3Wt3qvHBzElQygQ==
X-Received: by 2002:a0c:ee82:: with SMTP id u2mr11872333qvr.156.1567215675230;
        Fri, 30 Aug 2019 18:41:15 -0700 (PDT)
Received: from mail-qt1-f171.google.com (mail-qt1-f171.google.com. [209.85.160.171])
        by smtp.googlemail.com with ESMTPSA id d9sm3319678qko.20.2019.08.30.18.41.14
        for <internals@lists.php.net>
        (version=TLS1_3 cipher=TLS_AES_128_GCM_SHA256 bits=128/128);
        Fri, 30 Aug 2019 18:41:14 -0700 (PDT)
Received: by mail-qt1-f171.google.com with SMTP id n7so9724477qtb.6
        for <internals@lists.php.net>; Fri, 30 Aug 2019 18:41:14 -0700 (PDT)
X-Received: by 2002:ac8:431e:: with SMTP id z30mr13652064qtm.311.1567215674343;
 Fri, 30 Aug 2019 18:41:14 -0700 (PDT)
MIME-Version: 1.0
References: <CAJHtznz+vMtytUxnf73L474TcDUqsZpTHLTnhHL4E53CCQdibA@mail.gmail.com>
 <CAF+90c-5CeZfyo2zBeoM63NDK-j2h6WTjvdT-yiKy040wVUm-w@mail.gmail.com>
 <CAF+90c_etW4HU1ae9TLaZzKtaLtYbfkq2TKy4ydKOM=3XDRDXw@mail.gmail.com>
 <CAH0Uv3GoB7d79Zn-wid_uxQHKOesHtDzgm6a_yuScjB0nfrVRQ@mail.gmail.com>
 <CAPKYkKyREMkWaNBx5ZZVk-=gc0DML7rTctSenzyZwJZTgCckjA@mail.gmail.com>
 <CAH0Uv3H8cXPpYioqp=6QwofBFQ5v5VL2ZJHttcSPZVn3Bo5k7A@mail.gmail.com> <fea77595-62e1-4440-afe8-ecd4d31d3c02@www.fastmail.com>
In-Reply-To: <fea77595-62e1-4440-afe8-ecd4d31d3c02@www.fastmail.com>
Date: Sat, 31 Aug 2019 03:41:02 +0200
X-Gmail-Original-Message-ID: <CAH0Uv3G3Suh91k+2_ThXn3SSKSxvd36EQeNgzy17mGVUeoeb9w@mail.gmail.com>
Message-ID: <CAH0Uv3G3Suh91k+2_ThXn3SSKSxvd36EQeNgzy17mGVUeoeb9w@mail.gmail.com>
To: Larry Garfield <larry@garfieldtech.com>
Cc: Steffen via internals <internals@lists.php.net>
Content-Type: text/plain; charset="UTF-8"
Content-Transfer-Encoding: quoted-printable
Subject: Re: [PHP-DEV] Bringing Peace to the Galaxy
From: andreas@dqxtech.net (Andreas Hennings)

(I hope this exchange is not getting too Drupal-specific.
I imagine the same concerns would apply in any project that uses a lot
of 3rd party code, and that is affected by framework versions and
generations of framework ecosystems.)

> Someone running their code on an old and unsupported PHP version is alrea=
dy, well, unsupported.

This is true, but:
- The problem already applies within a range versions that are
officially supported at a given time. E.g. the ?? operator came out
long before PHP 5.6 became unsupported. At the same time, major Drupal
7 modules had to slowly catch up. And some less popular modules never
did. As long as a site was not fully ready for PHP 7.x, developers
could not use the ?? operator, or use any 3rd party code that uses the
?? operator.
- There might be reasons preventing people from updating. You already
agree, so nothing to argue here.

> The point, of course, is making that upgrade as much of a no-brainer as p=
ossible so that people have no excuse for not upgrading besides laziness.  =
That's why there's such a (entirely legitimate) concern for BC breaks, beca=
use every BC break is one more reason for people to not upgrade to a suppor=
ted release.

absolutely.

> Adding new functionality that doesn't break *existing* code is entirely i=
rrelevant.  It's more around subtle changes to existing behavior, which are=
 sometimes worthwhile and sometimes not.

These are two sides to the same coin:
- New features which are only available in a new language version.
- Old language "features" (or in most cases "bad practices that used
to be unpunished") which only work in older PHP versions. Of course
this is only a problem if updating or fixing this code would be
costly.

This creates an interoperability problem between old code (if not
fixed or updated) and new code (3rd party or custom), because there is
no engine version that allows them to coexist in the same project.

Realistically, a large project or ecosystem, like a historic building
or a city, will have older and newer parts. Parts you want to touch
and work on, and other parts you rather leave alone.

For unsupported versions we can always say "your fault", but even
within the supported version range there are these interoperability
limitations.
The trade-off on a specific project might be somewhere in the middle:
Use a PHP version that is not the newest but also not the oldest. Fix
or update the worst of the legacy code, but avoid new language
features until the entire system is ready for it.

Of course in the world of technology we cannot expect that a project,
or a framework ecosystem, stays around forever. The language version
is only one variable in the equation. At some point your framework, or
the specific version you are using, will become unsupported.
At some point the entire system needs a rewrite, throwing some old stuff ou=
t.

The "editions" idea (or how I imagine it) would not save you from the
need for a periodic rewrite.
But it would allow developers to already use the new language features
and new 3rd party libraries. So they might already write the code that
will later be used in the new rewritten system.

E.g. imagine PHP gets generics one day.
With "editions" (how I imagine them), you could already use generics
in your own custom code, or use composer packages that rely on
generics, in your legacy codebase. If you envision a rewrite that
relies heavily on generics, you can already develop a lot of this code
in the older version of the project.

A project which nowadays would run a PHP version somewhere between the
oldest and the newest, would now be able to run the latest PHP version
most of the time.

On Sat, 31 Aug 2019 at 02:31, Larry Garfield <larry@garfieldtech.com> wrote=
:
>
> On Fri, Aug 30, 2019, at 1:56 PM, Andreas Hennings wrote:
> > On Fri, 30 Aug 2019 at 19:38, Chase Peeler <chasepeeler@gmail.com> wrot=
e:
> > > On Fri, Aug 30, 2019 at 12:39 PM Andreas Hennings <andreas@dqxtech.ne=
t>
> > > wrote:
> > > > The only way to make this possible is to either deny all progress, =
or
> > > > to make a distinction on file level (or "package level", whatever t=
hat
> > > > means).
> > > > So, opt-in BC breaks.
> > > >
> > > That's not true at all. There are a ton of things that have been disc=
ussed
> > > that will progress the language and don't require any sort of BC brea=
k.
> > > Union types is one example. Support for Enums is another.
> > >
> > > Even if a BC break is required, it's not automatically a bad thing. W=
hether
> > > we are looking at plugging up a big security hole, getting rid of/mod=
ifying
> > > a rarely used feature, adding support for something that it's current=
ly
> > > impossible to do, or just doing something that adds tremendous value =
to the
> > > language. In all of those cases the impact of the BC break should be
> > > weighed against the benefits.
> >
> > The problem and trade-offs I am describing are already impacting me tod=
ay.
> > I am working on a Drupal 7 site with lots of legacy code, and I am
> > developing Drupal 7 contrib modules that I want to be available to a
> > large audience.
> >
> > In one of these modules I initially used the ?? null coalesce operator.
> > Then I had to replace all of the instances of ?? with the more verbose
> > old-school code, to make it compatible with older PHP, because there
> > are still enough Drupal 7 installations out there which have not
> > upgraded to PHP 7 yet.
> > I also had issues with old 3rd party libraries, which stood in the way
> > of PHP version upgrade.
> >
> > In a world with "editions" per file or per package, such projects
> > could more easily use the newest PHP version, while the old libraries
> > would continue working.
>
> That's a somewhat different issue.  Someone running their code on an old =
and unsupported PHP version is already, well, unsupported.  They're running=
 code with known unfixed security issues, most likely, and they take their =
chances.  If they won't upgrade to a supported PHP version then, frankly, t=
hey're already on their own.
>
> The point, of course, is making that upgrade as much of a no-brainer as p=
ossible so that people have no excuse for not upgrading besides laziness.  =
That's why there's such a (entirely legitimate) concern for BC breaks, beca=
use every BC break is one more reason for people to not upgrade to a suppor=
ted release.
>
> What you're talking about is new language features; well-behaved code wri=
tten for PHP 5.2 should still run perfectly fine on 7.3, where the ?? opera=
tor is quite well supported thank you and if people want to use your new mo=
dule they should damn well upgrade.  (Drupal has had the ability to set a m=
inimum PHP version for a specific module for over a decade; I know, I wrote=
 that functionality. :-) )
>
> > I also had issues with old 3rd party libraries, which stood in the way
> > of PHP version upgrade.
>
> This is the part that is of concern to this discussion.  Adding new funct=
ionality that doesn't break *existing* code is entirely irrelevant.  It's m=
ore around subtle changes to existing behavior, which are sometimes worthwh=
ile and sometimes not.
>
> Whether editions is the "right" way to balance "don't break 1 million lin=
es of 15 year old code" with "this behavior is bad and we all know it" and =
with "this behavior leads to sloppy code that is prone to bugs", I don't kn=
ow.  I'm not sure what my stance is on these questions yet.
>
> --Larry Garfield
>
> --
> PHP Internals - PHP Runtime Development Mailing List
> To unsubscribe, visit: http://www.php.net/unsub.php
>