Newsgroups: php.internals Path: news.php.net Xref: news.php.net php.internals:112059 Return-Path: Delivered-To: mailing list internals@lists.php.net Received: (qmail 42248 invoked from network); 14 Oct 2020 16:13:43 -0000 Received: from unknown (HELO php-smtp4.php.net) (45.112.84.5) by pb1.pair.com with SMTP; 14 Oct 2020 16:13:43 -0000 Received: from php-smtp4.php.net (localhost [127.0.0.1]) by php-smtp4.php.net (Postfix) with ESMTP id B6690180531 for ; Wed, 14 Oct 2020 08:29:08 -0700 (PDT) X-Spam-Checker-Version: SpamAssassin 3.4.2 (2018-09-13) on php-smtp4.php.net X-Spam-Level: * X-Spam-Status: No, score=1.4 required=5.0 tests=BAYES_00, HEADER_FROM_DIFFERENT_DOMAINS,HTML_MESSAGE,RCVD_IN_DNSWL_NONE, RCVD_IN_MSPIKE_H2,SPF_HELO_NONE,SPF_SOFTFAIL autolearn=no autolearn_force=no version=3.4.2 X-Spam-Virus: No X-Envelope-From: Received: from mail-lj1-f178.google.com (mail-lj1-f178.google.com [209.85.208.178]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange ECDHE (P-256) server-signature RSA-PSS (4096 bits) server-digest SHA256) (No client certificate requested) by php-smtp4.php.net (Postfix) with ESMTPS for ; Wed, 14 Oct 2020 08:29:08 -0700 (PDT) Received: by mail-lj1-f178.google.com with SMTP id c21so3684773ljj.0 for ; Wed, 14 Oct 2020 08:29:08 -0700 (PDT) X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:mime-version:references:in-reply-to:from:date :message-id:subject:to:cc; bh=N1LItayFf0FlOzGl+6pBK+MAw6QqD0SYdIxibUP1PzU=; b=Huy1gNFhaHNfavb96lEVcCSKmKmtqbWsjBymu1PEVoZFNeF/0xjRk0gQIT0wY0+hc8 Kp0DkCLCyqlM90/okNiqKLwmlF6ruBybvQ5ee7/miGKSLZRLY4mJMfEJrHFgtbGdUrCD jWZtuWlogf0ef2uyOxxp9EvQVuqy3qAEqr/3+uvW87ScCUrDvkYN9vUVvZspejJRD1nb hP4fAVe/3FINrgE+Rq8aT0fDY+0mhHLu7LiO8TTteZxTQCMSwipgFqIuSgi5b66+HZpa a/N1VCrT4WOXsh2SugvUJx8uSUkH2uMwWIcHuj5riylmrBAyMmuc07EnxFjsuOsYD48A lZ1A== X-Gm-Message-State: AOAM531ckjuurc45wGj2rZTEOnoWCFLQjOkDRlDdUgBPadxOqn4alr8I CxeR+LzA9gSK3L6iDaiwnx8YOMgQBSaYUt8ITwqMyw== X-Google-Smtp-Source: ABdhPJyefNEFuau8Ci5f8/WH70edUVaz1tFqKsDQd1WBh8xHygmdlgKjzcuCEz1eJ9HigBaTFBd9EZCuEv4PALVqgDM= X-Received: by 2002:a2e:9f13:: with SMTP id u19mr1998300ljk.160.1602689343741; Wed, 14 Oct 2020 08:29:03 -0700 (PDT) MIME-Version: 1.0 References:

In-Reply-To: Date: Wed, 14 Oct 2020 10:28:52 -0500 Message-ID: To: Dik Takken Cc: Larry Garfield , php internals Content-Type: multipart/alternative; boundary="0000000000000508f705b1a33196" Subject: Re: [PHP-DEV] PHP 8 release announcement page on php.net From: pollita@php.net (Sara Golemon) --0000000000000508f705b1a33196 Content-Type: text/plain; charset="UTF-8" On Wed, Oct 14, 2020 at 6:18 AM Dik Takken wrote: > > However, then we should also make sure that the example > code actually works, and on which PHP versions. As soon as examples can > be run right from the documentation pages, the examples will be run far > more frequently than they are now, simply because it is so much easier > to do. Broken examples will cause more disappointing experiences. > Agreed 100%. I do think it should be reasonable to write a one-time doc scanner to look for and attempt to run those in a container. It's not going to be a guarantee that the code does what we *expect*, but we can probably turn it into a report of "things that definitely don't parse" + "things that raise E_ERROR" + "things that warn/notice, should be looked at" + "things that we hope probably work maybe" and from there just have a prominent "report a bug about this example" button which prefills a lot of the bugs.php.net form data and/or maybe even avoid duplication by attaching "me too" to reports that have already been filed for a given code snippet hash. Bear in mind translations sometimes have unique bugs (variable names and example content get translated too), so scanning the other languages would be a good followup task. TL;DR - Yes, this is work to do up front, but it's pretty clear that we can turn this from a massive pile of wtf into a tractable problem. > I don't know if example code is currently tested automatically. If not, > adding a sandbox for running them may also offer an opportunity for > automatic testing. > It's automatically run in the brain of whoever commits the example to the docs repository. :( Usually this doesn't lead to any *majorly* broken code, but a typo here or there is sadly not uncommon. Once in a while we get a report via bugs.php.net and it's a quick fix, but bugs exist. > - A general sandboxed php implementation hosted > by the owners of php.net (requires that it be secured > and may lead to additional hosting costs), > https://3v4l.org/ (not open source https://3v4l.org/about - > but similar to what I was thinking of) > The simple implementation here is a "try this code" button that pops 3v4l.org open in a new tab with the code prefilled and running. That means a conversation with the owner of 3v4l.org obviously, but potentially doable, and probably not hard. > or https://psalm.dev/ (open source) are projects in that area > (Matthew Brown is one of the authors of Psalm) > I don't like the idea of executing that on www.php.net for a few reasons, but someone else mentioned the possibility of donated cpu time from somewhere that's worth a conversation. > - A WebAssembly solution, e.g. https://phan.github.io/demo/ > (forked from https://oraoto.github.io/pib/) (I'm one of the maintainers of Phan) > Honestly, I like this solution best. There are drawbacks, and we'd probably need to suppress it in certain reference chapters (e.g. mysql, since there's no DB to talk to), but damn if it don't feel skippy trying it out just now. (On my admittedly well connected, beefy dev workstation) -Sara --0000000000000508f705b1a33196--