Newsgroups: php.internals Path: news.php.net Xref: news.php.net php.internals:112857 Return-Path: Delivered-To: mailing list internals@lists.php.net Received: (qmail 92524 invoked from network); 12 Jan 2021 19:03:56 -0000 Received: from unknown (HELO php-smtp4.php.net) (45.112.84.5) by pb1.pair.com with SMTP; 12 Jan 2021 19:03:56 -0000 Received: from php-smtp4.php.net (localhost [127.0.0.1]) by php-smtp4.php.net (Postfix) with ESMTP id 4CE9E1804D1 for ; Tue, 12 Jan 2021 10:41:57 -0800 (PST) X-Spam-Checker-Version: SpamAssassin 3.4.2 (2018-09-13) on php-smtp4.php.net X-Spam-Level: X-Spam-Status: No, score=-2.6 required=5.0 tests=BAYES_00,DKIM_SIGNED, DKIM_VALID,RCVD_IN_DNSWL_LOW,RCVD_IN_MSPIKE_H4,RCVD_IN_MSPIKE_WL, SPF_HELO_PASS,SPF_NONE autolearn=no autolearn_force=no version=3.4.2 X-Spam-Virus: No X-Envelope-From: Received: from wout1-smtp.messagingengine.com (wout1-smtp.messagingengine.com [64.147.123.24]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange ECDHE (P-256) server-signature RSA-PSS (4096 bits) server-digest SHA256) (No client certificate requested) by php-smtp4.php.net (Postfix) with ESMTPS for ; Tue, 12 Jan 2021 10:41:56 -0800 (PST) Received: from compute4.internal (compute4.nyi.internal [10.202.2.44]) by mailout.west.internal (Postfix) with ESMTP id 97F241420 for ; Tue, 12 Jan 2021 13:41:54 -0500 (EST) Received: from imap26 ([10.202.2.76]) by compute4.internal (MEProxy); Tue, 12 Jan 2021 13:41:54 -0500 DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d= messagingengine.com; h=content-type:date:from:in-reply-to :message-id:mime-version:references:subject:to:x-me-proxy :x-me-proxy:x-me-sender:x-me-sender:x-sasl-enc; s=fm1; bh=vkQtrH 2HJIqYI59/6+rpgSSJ7L/G3CZ+XBBmqreBd1Q=; b=oH/vbsdyK8l+83dDq9ygUD fbRkHWS1phulM58g9zxG6d+PJkio2U+rS22f69EabPPbRwkIFWF4Ya/hXE4aIC0r ECsHjSBn8+s1MsKnE6bLzBJBY0wQEfZgHKMQ/L8sa2fjdDs45ltyT3HmNOHqKUcH HsFC9Me3ENLJ98aJDdxEs6GjE4guo2mt7jPSPMtBUmgOewy4JZDxX5B9kvujRm14 qk451INvOgr95TsmD7YXIUB37XLn8Ce1alN2E/bEfdDHXKaI5q9Y4u7JzFCl9QN2 uDDzcIQlpzdtPMycFVhFnEjwwyls18KCdWTE27mKuyfqHpyZ2VD9uFQkZJpLRRxA == X-ME-Sender: X-ME-Proxy-Cause: gggruggvucftvghtrhhoucdtuddrgedukedrtddtgdekfecutefuodetggdotefrodftvf curfhrohhfihhlvgemucfhrghsthforghilhdpqfgfvfdpuffrtefokffrpgfnqfghnecu uegrihhlohhuthemuceftddtnecusecvtfgvtghiphhivghnthhsucdlqddutddtmdenuc fjughrpefofgggkfgjfhffhffvufgtsehttdertderredtnecuhfhrohhmpedfnfgrrhhr hicuifgrrhhfihgvlhgufdcuoehlrghrrhihsehgrghrfhhivghlughtvggthhdrtghomh eqnecuggftrfgrthhtvghrnhepgeelgfekudeivddvteffueejffdthfejieevhefgffek udevkedtvdelvddvffefnecuvehluhhsthgvrhfuihiivgeptdenucfrrghrrghmpehmrg hilhhfrhhomheplhgrrhhrhiesghgrrhhfihgvlhguthgvtghhrdgtohhm X-ME-Proxy: Received: by mailuser.nyi.internal (Postfix, from userid 501) id 0829F14200A2; Tue, 12 Jan 2021 13:41:54 -0500 (EST) X-Mailer: MessagingEngine.com Webmail Interface User-Agent: Cyrus-JMAP/3.5.0-alpha0-45-g4839256-fm-20210104.001-g48392560 Mime-Version: 1.0 Message-ID: In-Reply-To: References: Date: Tue, 12 Jan 2021 12:41:33 -0600 To: "php internals" Content-Type: text/plain Subject: Re: [PHP-DEV] [RFC] Allow object keys in arrays From: larry@garfieldtech.com ("Larry Garfield") On Tue, Jan 12, 2021, at 11:53 AM, Andreas Leathley wrote: > On 12.01.21 17:51, Marco Pivetta wrote: > > Code written to deal with `array` in a generic way will no longer work > > when > > invoked through code paths that produce object keys: this is a general > > problem with widening types overall, and is a clear BC break. > > If you look at levels of BC break, this is on the very low end in my > opinion. No existing code will break when upgrading to this new PHP > version. Only new code written specifically for that PHP version would > be impacted, and frameworks/libraries could, if necessary, add > additional checks without becoming incompatible with older PHP versions. > It helps that currently array keys can be integers or strings, so if the > key type is important, some checking is already necessary. This is untrue. It's quite possible to have code like this today: function make_list(array $vals) { $out = ''; } That would work just fine today with string or int keys, but would break if on an object-keyed array if the objects did not implement __toString(). Whether the risk of such code breaking in practice is large or small is another question, and I don't have an answer for it. I'm of mixed feelings on this RFC; on the one hand, it would make Enums even easier to work with, which is good. On the other, it pours even more behavior into the kitchen sink data structure whose (mis)use is a known security hole, which is bad. I'd like to see us using naked hash tables less, not more. Ilija is also correct that minor potential-breaks like this have been introduced in the past, and the world has not ended. Whether that is good or bad, historically, is debatable and likely varies with the specific feature. I would say that if this RFC moves forward, we would also want to introduce an other array_is_*() function to make adding extra guards easier. I'm not sure what we'd call it, though. array_is_keyed? array_is_assoc? array_is_not_objects? Bikeshed as you wish. :-) But we'd want some easy way to tell what key-style an array uses. ... maybe a function that returns an internal enumeration of List, Assoc, or Object for the 3 key types? :-) --Larry Garfield