Newsgroups: php.internals
Path: news.php.net
Xref: news.php.net php.internals:118338
Return-Path: <tim@bastelstu.be>
Delivered-To: mailing list internals@lists.php.net
Received: (qmail 93493 invoked from network); 1 Aug 2022 15:25:17 -0000
Received: from unknown (HELO php-smtp4.php.net) (45.112.84.5)
  by pb1.pair.com with SMTP; 1 Aug 2022 15:25:17 -0000
Received: from php-smtp4.php.net (localhost [127.0.0.1])
	by php-smtp4.php.net (Postfix) with ESMTP id 1B319180384
	for <internals@lists.php.net>; Mon,  1 Aug 2022 10:24:51 -0700 (PDT)
X-Spam-Checker-Version: SpamAssassin 3.4.2 (2018-09-13) on php-smtp4.php.net
X-Spam-Level: 
X-Spam-Status: No, score=-2.1 required=5.0 tests=BAYES_00,DKIM_SIGNED,
	DKIM_VALID,DKIM_VALID_AU,DKIM_VALID_EF,SPF_HELO_NONE,SPF_PASS,
	T_SCC_BODY_TEXT_LINE autolearn=no autolearn_force=no version=3.4.2
X-Spam-ASN: AS24940 176.9.0.0/16
X-Spam-Virus: No
X-Envelope-From: <tim@bastelstu.be>
Received: from chrono.xqk7.com (chrono.xqk7.com [176.9.45.72])
	(using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits))
	(No client certificate requested)
	by php-smtp4.php.net (Postfix) with ESMTPS
	for <internals@lists.php.net>; Mon,  1 Aug 2022 10:24:50 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=bastelstu.be;
	s=mail20171119; t=1659374688;
	bh=ahV0p1It/d3H2sQF5AEk/qfv+IB8D7OGTaaghba6tT0=;
	h=Date:Subject:To:Cc:References:From:In-Reply-To:From;
	b=M/txYaeEj4I6UL86THqucd93xeRDIlLroxAZgq5lTr3hLgnXt1n6thZRXQ7kCZRl0
	 hXcYnJRO0TQ1aesc1VHiE0+PP3k9L/o22V+SFd+c6BmEo1/OhAfdFrvCBCbtoZcHKp
	 cO+oEejKb9de95LXLDzQPXog0kj7/xXgWfnZuV2yQm8MSo0pvsnk0S7+/RizPH26MK
	 9Jy6vO0ndX0FPP9+Yg3YVaxZ0HBZ6UA/Go/Ubqb5FtjpJgAoLPRhX7pKroTw3p71+0
	 efpQFeplNzLxgGqkTimpw6JfDwMcl4CefwvRSU3PzTQz7o21BtKI9TF89qhOyy/viA
	 +iFGq8w2W77CA==
Message-ID: <aacc7b11-58c3-d177-44cf-3c828fc545d3@bastelstu.be>
Date: Mon, 1 Aug 2022 19:24:47 +0200
MIME-Version: 1.0
Content-Language: en-US
To: "G. P. B." <george.banyard@gmail.com>
Cc: PHP internals <internals@lists.php.net>
References: <302000df-5c3f-a86c-a608-2a45d2726ab1@bastelstu.be>
 <CAFPFaMLT0VL+AVnGeRMK2wO+-A_Mf3LCqMKnzqs1iK828GbM9w@mail.gmail.com>
In-Reply-To: <CAFPFaMLT0VL+AVnGeRMK2wO+-A_Mf3LCqMKnzqs1iK828GbM9w@mail.gmail.com>
Content-Type: text/plain; charset=UTF-8; format=flowed
Content-Transfer-Encoding: 8bit
Subject: Re: [PHP-DEV] What type of Exception to use for unserialize()
 failure?
From: tim@bastelstu.be (=?UTF-8?Q?Tim_D=c3=bcsterhus?=)

Hi

On 8/1/22 14:58, G. P. B. wrote:
>> During review cmb noted that using an 'Error' here might not be the best
>> choice, as while it is likely to be a programmer error if unserializing
>> fails, we do not want to educate users to catch(Error).
>>
> 
> I probably have a very different philosophy on this as I don't mind users
> catching Errors, but it probably be mostly done by Framework/libraries
> doing some funky stuff.

Which effectively translates into "don't catch(Error)". No rule without 
exception :-)

In my userland code I also have some blanket catch(Throwable) around 
*generic* code (i.e. arbitrary callables that can throw whatever type of 
throwable).
>> My suggested path forward would be:
>>
>> For 8.2:
>>
>> - Update ext/random to use the ext/date wording (I like that one best):
>>
>> "Invalid serialization data for <classname> object."
>>
>> - Revert the change from Exception to Error in my ext/random PR #9185.
>>
> 
> Those make sense to me

I've already made those changes (i.e. Exception + ext/date wording). 
Feel free to add your approval if you agree:

https://github.com/php/php-src/pull/9185

---

For the other bits and pieces of your reply I don't have a strong 
opinion and I'm happy with whatever results comes out of it.

Best regards
Tim Düsterhus