Newsgroups: php.internals Path: news.php.net Xref: news.php.net php.internals:116076 Return-Path: Delivered-To: mailing list internals@lists.php.net Received: (qmail 10967 invoked from network); 17 Sep 2021 14:22:47 -0000 Received: from unknown (HELO php-smtp4.php.net) (45.112.84.5) by pb1.pair.com with SMTP; 17 Sep 2021 14:22:47 -0000 Received: from php-smtp4.php.net (localhost [127.0.0.1]) by php-smtp4.php.net (Postfix) with ESMTP id 745981804B3 for ; Fri, 17 Sep 2021 08:02:47 -0700 (PDT) X-Spam-Checker-Version: SpamAssassin 3.4.2 (2018-09-13) on php-smtp4.php.net X-Spam-Level: X-Spam-Status: No, score=-2.1 required=5.0 tests=BAYES_00,DKIM_SIGNED, DKIM_VALID,DKIM_VALID_AU,DKIM_VALID_EF,HTML_MESSAGE,RCVD_IN_DNSWL_NONE, RCVD_IN_MSPIKE_H2,SPF_HELO_NONE,SPF_PASS autolearn=no autolearn_force=no version=3.4.2 X-Spam-ASN: AS15169 209.85.128.0/17 X-Spam-Virus: No X-Envelope-From: Received: from mail-lf1-f49.google.com (mail-lf1-f49.google.com [209.85.167.49]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange ECDHE (P-256) server-signature RSA-PSS (4096 bits) server-digest SHA256) (No client certificate requested) by php-smtp4.php.net (Postfix) with ESMTPS for ; Fri, 17 Sep 2021 08:02:46 -0700 (PDT) Received: by mail-lf1-f49.google.com with SMTP id t10so28048228lfd.8 for ; Fri, 17 Sep 2021 08:02:46 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=craigfrancis.co.uk; s=default; h=mime-version:from:date:message-id:subject:to; bh=UxLFSlXJzOiG748h/vhK80BNmrnHK62YKS9mWS60PuU=; b=X1cZ1rurzvp6tflDm+2WRkys2UqFHpE8iV3Wm9F77jGw8OwQxIYpk+iUVA6SMie2dD X8ZSgK+tOQRqLIPSftCob2jDa44zmDh4ga5fEItK8poMpY5qwAk01VBbrh8x1u8resXY 3nxE6eYAWHlh7Rsrzp5yce9F1vZsi5OIVHVcQ= X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20210112; h=x-gm-message-state:mime-version:from:date:message-id:subject:to; bh=UxLFSlXJzOiG748h/vhK80BNmrnHK62YKS9mWS60PuU=; b=vnNZbC7S2f/PtBbmYzI6vxY1+FnG8ZlTigijlmj3SJxHEjN0D3RMTZzjzKwE6fNSxR FrpPAKcdwcnCGHSgRvn5mgQNjN7/H6svTocaiky8eVxwHEOMFSC8zADOivkJ2d2yaSqA u+jltBrig3LSZYbIurSYyQJNlhio3GTCh0UqQCvRKhtzklOOQz2MMpkqa357MUkrq6yq /hUgSTiRITvVngf1OItDR6TkhFivn0A+YUXpCajLjbbj8UfmlEU4YbeP+spTUT0UOmXg 0x+BxGp6rU5la4XieW8F0r6Op/9zmx35KCOWCNODt3MWy2KToUOPeCuE2wOYZbB8+d4E ikHg== X-Gm-Message-State: AOAM532vAGA+y95PVbeSoXR4AbolTvBay+y6UKETLl65Kc2bhsoDCIV5 UOJ1Ty5e7l8h8zFfr6AtyXLCyaE0DEYjqxBaF8jbL5sT5bM5gw== X-Google-Smtp-Source: ABdhPJxlF9gPTxjYWmwA77AI9ZEvUXyNa2qQbWT60nNLd3CsVKgaIS46Wt8nw92DtE4oc8bzn/X2rMm9TX7LztJ17oA= X-Received: by 2002:ac2:4bc1:: with SMTP id o1mr8396168lfq.116.1631890937147; Fri, 17 Sep 2021 08:02:17 -0700 (PDT) MIME-Version: 1.0 Date: Fri, 17 Sep 2021 16:02:04 +0100 Message-ID: To: PHP internals Content-Type: multipart/alternative; boundary="0000000000009f46f005cc323777" Subject: [RFC] Deprecate passing null to non-nullable arguments of internal functions From: craig@craigfrancis.co.uk (Craig Francis) --0000000000009f46f005cc323777 Content-Type: text/plain; charset="UTF-8" Hi Internals, https://externals.io/message/112327 https://externals.io/message/112996 Considering how frequently developers use this pattern: $name = ($_POST['name'] ?? NULL); Sometimes without really noticing, e.g. - Laravel: `$request->input('name');` - Symfony: `$request->get('name');` - CakePHP: `$this->request->getQuery('name');` - CodeIgniter: `$request->getGet('name');` I'm concerned it's going to make upgrading to 8.1 fairly annoying, as these NULL values get passed to `strlen()`, `trim()`, `strpos()`, `htmlspecialchars()`, `strtoupper()`, `hash()`, `simplexml_load_string()`, `strtotime()`, etc. I appreciate projects using `strict_types=1` will prefer this, but I suspect all the deprecation notices will be annoying for the majority of projects that don't. And I appreciate that each instance is easy to fix, but there is a lot of them out there (says he trying out a few projects on 8.1.0RC2, and being glad that I'm not the one who needs to find and explicitly change all of these potential NULL values to an empty string). As an aside, it is useful having NULL to differentiate between a GET/POST/etc value not being present, vs the value being explicitly set to an empty string. And anyone using Laravel, remember that `error_reporting(-1)` is used in HandleExceptions.php (to report all errors), and E_DEPRECATED is handled via `ErrorException`, which is likely to result in 500 errors for you... same with "Return type of X should either be compatible with X, or the #[\ReturnTypeWillChange] attribute should be used to temporarily suppress the notice" (lots of those, hopefully all will be fixed soon). Craig --0000000000009f46f005cc323777--