Newsgroups: php.internals
Path: news.php.net
Xref: news.php.net php.internals:118503
Return-Path: <tim@bastelstu.be>
Delivered-To: mailing list internals@lists.php.net
Received: (qmail 72274 invoked from network); 26 Aug 2022 10:23:50 -0000
Received: from unknown (HELO php-smtp4.php.net) (45.112.84.5)
  by pb1.pair.com with SMTP; 26 Aug 2022 10:23:50 -0000
Received: from php-smtp4.php.net (localhost [127.0.0.1])
	by php-smtp4.php.net (Postfix) with ESMTP id DB0AB18055A
	for <internals@lists.php.net>; Fri, 26 Aug 2022 03:23:49 -0700 (PDT)
X-Spam-Checker-Version: SpamAssassin 3.4.2 (2018-09-13) on php-smtp4.php.net
X-Spam-Level: 
X-Spam-Status: No, score=-2.1 required=5.0 tests=BAYES_00,DKIM_SIGNED,
	DKIM_VALID,DKIM_VALID_AU,DKIM_VALID_EF,SPF_HELO_NONE,SPF_PASS,
	T_SCC_BODY_TEXT_LINE autolearn=no autolearn_force=no version=3.4.2
X-Spam-ASN: AS24940 176.9.0.0/16
X-Spam-Virus: No
X-Envelope-From: <tim@bastelstu.be>
Received: from chrono.xqk7.com (chrono.xqk7.com [176.9.45.72])
	(using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits))
	(No client certificate requested)
	by php-smtp4.php.net (Postfix) with ESMTPS
	for <internals@lists.php.net>; Fri, 26 Aug 2022 03:23:49 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=bastelstu.be;
	s=mail20171119; t=1661509428;
	bh=dpuQemGzr1LC8W4tu5HFRWmOmanVqCuFOzTKIY1WARU=;
	h=Date:Subject:To:Cc:References:From:In-Reply-To:From;
	b=bmbLUxmH0DXyTwIbnc1VWmZcLPflVSJYEtGornqSHEQ2rsDeWZ4D+izda4WEZSxwQ
	 DJXT6jY9S5g5wdFqGa4pmSn4SNWe7JsTvqeCxjZpwzLOhVi1ew/YWR/FNToncVfyu1
	 IFKov1m+pxJdNzgObB5lN+nGEOSFpsp7Cu9/ecMKx4lH2RMuTpRbI1B5y17cVjDzqX
	 Ip8Z4tb60054nCTTeRuSI/UNpP7VAWQdSKmnasKYcoKopZMLAKf1G7XH1VqId7zkBF
	 kzplwmOf2e0zk7xUDZD90aQh1+JBKDgmHLTB+IY+qBy/FUVE+lVxKOz5012OEjhsJW
	 XCCPHro7I6K9A==
Message-ID: <ebbb2fe5-63f0-6f33-47dc-ea16789bba5b@bastelstu.be>
Date: Fri, 26 Aug 2022 12:23:47 +0200
MIME-Version: 1.0
Content-Language: en-US
To: =?UTF-8?Q?Micha=c5=82_Marcin_Brzuchalski?=
 <michal.brzuchalski@gmail.com>, Dusk <dusk@woofle.net>
Cc: David Gebler <davidgebler@gmail.com>,
 juan carlos morales <dev.juan.morales@gmail.com>,
 PHP Internals List <internals@lists.php.net>
References: <CANMwmbN8_Km+urXbNO7oWvNteYA2mTPNYyRgfaoypEK1Cw4F0A@mail.gmail.com>
 <CA+p1FaZDm3-h_LoOwv619wFyPg+2pAM8qC2La438sU_SPHZnCg@mail.gmail.com>
 <CABdc3WqsDc+80ATdX9+qstOkf+eUYCAQNPeV_FXcHiFumVQb8A@mail.gmail.com>
 <8D53AD5B-7CFC-4820-9EE4-FEB365D327A8@woofle.net>
 <CABdc3Wo7_qJOtebvA2GNGFUGFAut3tJOShXDBLHnRKqhrwVJ-g@mail.gmail.com>
In-Reply-To: <CABdc3Wo7_qJOtebvA2GNGFUGFAut3tJOShXDBLHnRKqhrwVJ-g@mail.gmail.com>
Content-Type: text/plain; charset=UTF-8; format=flowed
Content-Transfer-Encoding: 8bit
Subject: Re: [PHP-DEV] RFC json_validate() - status: Under Discussion
From: tim@bastelstu.be (=?UTF-8?Q?Tim_D=c3=bcsterhus?=)

Hi

On 8/26/22 11:00, Michał Marcin Brzuchalski wrote:
> A `json_decode()` is a substitute that IMO solves 99% of use cases.
> If I'd follow your logic and accept every small addition that handles 1% of
> use cases, somebody will raise another RFC
> for simplexml_validate_string or yaml_validate and the next
> PhpToken::validate.
> All above can be valid if we trust that people normally validate 300MB
> payloads to do nothing if they DON'T fail and there is nothing strange
> about that.

You phrase this as if this was a bad thing.

But yes, if PHP would include a YAML parser in core (there appears to be 
one in PECL) then having a yaml_validate() function with a value-add 
compared to actually constructing the object representation then it 
would certainly be an appropriate inclusion. I don't see why JSON should 
be special here.

For XML my understanding is that the XMLReader class can already be used 
to efficiently validate an XML input in userland [1], because that class 
is defined to be a streaming parser. These types of parsers are not 
uncommon in XML land.

Best regards
Tim Düsterhus

[1] https://www.php.net/manual/en/xmlreader.isvalid.php