Newsgroups: php.internals Path: news.php.net Xref: news.php.net php.internals:116336 Return-Path: Delivered-To: mailing list internals@lists.php.net Received: (qmail 74112 invoked from network); 12 Nov 2021 21:40:14 -0000 Received: from unknown (HELO php-smtp4.php.net) (45.112.84.5) by pb1.pair.com with SMTP; 12 Nov 2021 21:40:14 -0000 Received: from php-smtp4.php.net (localhost [127.0.0.1]) by php-smtp4.php.net (Postfix) with ESMTP id 8738B1804BC for ; Fri, 12 Nov 2021 14:34:16 -0800 (PST) X-Spam-Checker-Version: SpamAssassin 3.4.2 (2018-09-13) on php-smtp4.php.net X-Spam-Level: X-Spam-Status: No, score=-2.1 required=5.0 tests=BAYES_00,DKIM_SIGNED, DKIM_VALID,DKIM_VALID_AU,DKIM_VALID_EF,FREEMAIL_FROM,HTML_MESSAGE, RCVD_IN_DNSWL_NONE,RCVD_IN_MSPIKE_H2,SPF_HELO_NONE,SPF_PASS autolearn=no autolearn_force=no version=3.4.2 X-Spam-ASN: AS15169 209.85.128.0/17 X-Spam-Virus: No X-Envelope-From: Received: from mail-lf1-f48.google.com (mail-lf1-f48.google.com [209.85.167.48]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange ECDHE (P-256) server-signature RSA-PSS (4096 bits) server-digest SHA256) (No client certificate requested) by php-smtp4.php.net (Postfix) with ESMTPS for ; Fri, 12 Nov 2021 14:34:16 -0800 (PST) Received: by mail-lf1-f48.google.com with SMTP id b40so25798966lfv.10 for ; Fri, 12 Nov 2021 14:34:16 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20210112; h=mime-version:references:in-reply-to:from:date:message-id:subject:to :cc; bh=6La/oTfMqQgU/nZSr5ohoKOm3LDUDJ7CnNmEpYiJQ2U=; b=BiVwU+pNGZKTYlDCM9Gh1BbUO9106GGoCoC7Y6AbRjrGu+/9qec1DcDnFNnKy5lctI R9sxdCWxne3hYHKdcZrlGVtETUfD/q0mNejW9vXOPBNHi2iT2bma/+8kbSmwH7wEvJe2 9IOOjq7Bn35m2nSSbSfGLJnjlcGvSITLEF5FiWdtHP0N/O4gDTqNy4T3gKB5cFPx93fM bA12JLynNclThoTC9XK501yhJNIsarLJxdZptjmlXDAnCQ/bzDchNkVRSeAh7YXWE7Ek D5Jc07kBUv8UbOlyQnPcY2ppczKSg6FPiUpcyazvlYL9MQPLzp9YrBViiQDdtp6NDs4T Kv7A== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20210112; h=x-gm-message-state:mime-version:references:in-reply-to:from:date :message-id:subject:to:cc; bh=6La/oTfMqQgU/nZSr5ohoKOm3LDUDJ7CnNmEpYiJQ2U=; b=rSZ35ySja0DPF29MEPIkePp2jChcg/C4z7pZR5VHITxVpeXroSnp1LVfspsvSO2SvA jvqN1ZapxyN69gXMYmicSb8CGxwgF9zqPnnSU09QbXl91hj2nG4ctVmIF1ohh7x4QJcF R/zvzpRtDxwk0sP3OKNOvXaYWlltra6M9LYnNq0lR5bAX7PS5nXYWfexhYzDZTNBwzqp fM3hR3hedV1/muctifQvhA8Ln0Xf2c9OcqKlTxZ49GtdSxIGmib8yufLZNZqbDS36Jfn fUdIMW3K/b7B0/NyOHVgLAPbyeuMhWrlOqwCI+w1ln4Focn0Hl+ewOlAI9HjBQtdne95 6hiA== X-Gm-Message-State: AOAM531l4l+D/gbR4vOO3iWQVUqJajkX5uxDrAR+ZzCR7E2DAIs+QiHh UaDvtVichN52PMo1FIG2Ko/M0+L4qouK5cfpByg= X-Google-Smtp-Source: ABdhPJxED5A8sMOBnnN6qT8Rgtjhrk+fIRLAovqbrkXo9UGDZqXSbbtIYnaVTSy3+Vwchtq83j5gMH4kfB9HcVQNqbs= X-Received: by 2002:a05:6512:3404:: with SMTP id i4mr17106953lfr.405.1636756454126; Fri, 12 Nov 2021 14:34:14 -0800 (PST) MIME-Version: 1.0 References: In-Reply-To: Date: Fri, 12 Nov 2021 16:34:01 -0600 Message-ID: To: Larry Garfield Cc: php internals Content-Type: multipart/alternative; boundary="0000000000000838cb05d09f0f01" Subject: Re: [PHP-DEV] [VOTE] Deprecate dynamic properties From: mweierophinney@gmail.com ("Matthew Weier O'Phinney") --0000000000000838cb05d09f0f01 Content-Type: text/plain; charset="UTF-8" On Fri, Nov 12, 2021, 3:41 PM Larry Garfield wrote: > On Fri, Nov 12, 2021, at 12:59 PM, Matthew Weier O'Phinney wrote: > > I recognize it's a bit late to be commenting, now that voting has > > started... but this feels like a solution for which we already have > > workable solutions, and which will instead lead to a lot of > > misunderstanding and breakage in the user ecosystem. > > > > Our IDEs, coding standards, and static analysis tools can already flag > > these things for us, helping us catch them early. Hell, unit testing will > > find these for us, when a test fails due to a value not being set in a > > property that we expected. > > > > Making this fundamental change to the language means, however, that a lot > > of things that we were previously able to do that "just worked" now > raise a > > deprecation notice, and, later, a compilation error... unless we make a > > change to our already working, fully functional code. > > > > I think the Locked Classes approach made far more sense here, because it > > didn't require changes to _working_ code. By making the behavior opt-in, > > developers get to choose if that's what they want for their classes, > > instead of having a backwards breaking change thrust on them. > > > > (Perhaps an even better solution would be a declaration, like we have for > > strict_types, which we could do per file.) > > > > Or maybe I'm missing something else: was there something at the engine > > level that was driving this, a significant performance gain we get from > > changing the behavior? Because if there was, there was no discussion of > it. > > In fact, the only discussion of "why" in the RFC is "In modern code, this > > is rarely done intentionally". Why is that justification for changing the > > behavior? Can you quantify how much code would be affected by this > change? > > and how much would benefit? > > > > Yes, I know that code I write would benefit from it, and personally I'd > > love to have a way to opt-in to something more strict - but I think a > > switch like this is going to make upgrading to version 9 difficult if not > > impossible for a huge number of PHP users. > > > > Sweeping changes like this need data behind them. If there's such data > for > > this RFC, it's not present in the proposal, and as such, I cannot > > understand what drives it. > > The original version of the RFC would have (as of v9) allowed for the > removal of some fugly code in property handling, resulting in engine > improvements and some minor performance benefits. That was because it > pushed the opt-in mechanism to "only if you extend stdclass", and stdclass > would effectively have a trait with stock __get/__set implementations to > handle dynamic property behavior. (It wasn't quite that, but effectively > that's what it would do.) So that was the original impetus. > None of that information was in the RFC. That sort of thing really needs to be included, as it helps a ton in justifying changes of this nature. As I noted, on reading it, the only rationale made is a quick mention that they lead to programming errors, and even then, there's no detail really if _how_. > The current version doesn't actually remove the behavior yet, so it > wouldn't allow for that optimization. That does, I agree, weaken its > argument, but as the RFC notes makes it easier in the future to figure out > how widespread dynamic properties actually are in code today. Right now... > we simply don't know. It's possible the impact here will be almost nil, or > it could break anything written before 2010. (I'd guess it's closer to the > former than the latter, but no one knows for certain.) Just grepping for > the attribute in the future would give us a better picture of how common it > is. > That's the thing: it's guesswork. About a fundamental way the object model works. While most library code may not make use of it, I can think of a number of ways I've seen it used or used the feature myself without even trying too hard: - In unit tests, to create quick spies to pass into closures. - In API wrappers, to represent payloads of specific types. (This is particularly interesting, as it allows for these wrappers to be forward compatible with additions to the API payload). - As internal DTO messages, particularly when prototyping. I get the benefits of a typed object without needing to fully define its properties. And that's just off the top of my head. > To those that are arguing that the timeline is too aggressive, I would > turn the question around: What timeline would be acceptable? "Well > behaved" code hasn't used dynamic properties outside of a few very edge > bits in a very, very long time, so transitioning to those being the > exception and not the default is, IMO, reasonable. What would be a more > comfortable timeline if not what is proposed here? > (Bearing in mind the previous statements that treating deprecations as > though they were warnings, even in production, is not Internals problem but > a problem of people who have their servers misconfigured.) > I'm bringing this up again: because deprecations are reported by changing a flag to error reporting, and because the default dev configuration enables that flag, and it's included as part of E_ALL, the reality is that many users see the deprecations. When those errors point to _libraries_ they consume, they report them. Yes, library maintainers can have policies to consider errors due to deprecations as invalid. But they still need to evaluate and review those issues, which takes time and effort. And ignoring the issue often means it gets reported repeatedly. The other option is to deal with the deprecation. But this then means yearly churn, as the project creates new deprecations with each minor version. Listen, I'm happy about a lot of the changes to the language as a user. But as a library maintainer: - Changes to fundamental, decades long behavior has huge knock-on effects for us, and causes a lot of busy work. - Yearly deprecations trigger an onslought of issues and patches that do nothing for the average user, and detract from other work, such as bug fixes and feature additions. I'd like for a discussion on how we can allow the language to develop without requiring yearly churn and burden on the surrounding ecosystem. And just waving your hands and saying deprecations aren't errors is not an answer - if it makes its way to an error log or is reported inline in a page or in CLI output, it's an error. > --Larry Garfield > > -- > PHP Internals - PHP Runtime Development Mailing List > To unsubscribe, visit: https://www.php.net/unsub.php > > --0000000000000838cb05d09f0f01--