Newsgroups: php.internals
Path: news.php.net
Xref: news.php.net php.internals:119654
Return-Path: <jakub.php@gmail.com>
Delivered-To: mailing list internals@lists.php.net
Received: (qmail 11987 invoked from network); 2 Mar 2023 17:23:21 -0000
Received: from unknown (HELO php-smtp4.php.net) (45.112.84.5)
  by pb1.pair.com with SMTP; 2 Mar 2023 17:23:21 -0000
Received: from php-smtp4.php.net (localhost [127.0.0.1])
	by php-smtp4.php.net (Postfix) with ESMTP id B70A2180340
	for <internals@lists.php.net>; Thu,  2 Mar 2023 09:23:20 -0800 (PST)
X-Spam-Checker-Version: SpamAssassin 3.4.2 (2018-09-13) on php-smtp4.php.net
X-Spam-Level: 
X-Spam-Status: No, score=-1.4 required=5.0 tests=BAYES_00,
	FREEMAIL_FORGED_FROMDOMAIN,FREEMAIL_FROM,HEADER_FROM_DIFFERENT_DOMAINS,
	HTML_MESSAGE,RCVD_IN_DNSWL_NONE,RCVD_IN_MSPIKE_H2,SPF_HELO_NONE,
	SPF_PASS,T_SCC_BODY_TEXT_LINE autolearn=no autolearn_force=no
	version=3.4.2
X-Spam-ASN: AS15169 209.85.128.0/17
X-Spam-Virus: No
X-Envelope-From: <jakub.php@gmail.com>
Received: from mail-ed1-f47.google.com (mail-ed1-f47.google.com [209.85.208.47])
	(using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits)
	 key-exchange ECDHE (P-256) server-signature RSA-PSS (2048 bits) server-digest SHA256)
	(No client certificate requested)
	by php-smtp4.php.net (Postfix) with ESMTPS
	for <internals@lists.php.net>; Thu,  2 Mar 2023 09:23:20 -0800 (PST)
Received: by mail-ed1-f47.google.com with SMTP id f13so70527874edz.6
        for <internals@lists.php.net>; Thu, 02 Mar 2023 09:23:20 -0800 (PST)
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
        d=1e100.net; s=20210112;
        h=cc:to:subject:message-id:date:from:in-reply-to:references
         :mime-version:x-gm-message-state:from:to:cc:subject:date:message-id
         :reply-to;
        bh=XjpLTLRjxdjWpd0/MVnBBK/137EMQMpX6zPEg0e6VWM=;
        b=4SOAnYH/tfB8wbUMdgou2KQG3vwUN7kjvS3TqKu5/qtXIg5r9dP/XwAxw0h8kSr1GJ
         q+q63uquz1KjjbiR6u0uTzfoplKGUKOACYFMrvPl8OeFyolMF46Q3pWnU7LLK5V0QjwQ
         80t7hgmOJU3iYqRsgcp39fAorsjGO3n55A8tz29Ps3jm31ckieL8acHFIgrw74khUUUr
         KrZinlLD7dy0JD/4sItPZf+YxTcy3mY7TIgYJEyuWEDi8JEveVLR/4+0E7PoQkRkarcE
         BmwtBqYaUXRUTkgc0nKKrNYgpoIqJv1OaMd8UlC9u236FR2ui+yKYn6d6LB3QnRhKM6M
         /DNw==
X-Gm-Message-State: AO0yUKWCAOsmlMUaFYEEB8Laf8+rH/mPyieOuzdZ3ioa6am18vcYBBeL
	7AMYo+hwpQRLXIMgc7EjnfO3wkAN7yG252Cxrryxmn9r
X-Google-Smtp-Source: AK7set+YSMu/PsiNwDCSYT1c4coJNvcikBX/KUmkp8ZieZ0+/R5Jw5IUVdkgOHgaApjoBIUXagZ7dGVWgmvceMgdfkA=
X-Received: by 2002:a17:907:3a14:b0:8ee:babc:d3f8 with SMTP id
 fb20-20020a1709073a1400b008eebabcd3f8mr1537273ejc.3.1677777798770; Thu, 02
 Mar 2023 09:23:18 -0800 (PST)
MIME-Version: 1.0
References: <CANMwmbMObQJD=bBncxXcHOgs1yoBfHXsTE1KZDYcSKMxMUUrRQ@mail.gmail.com>
 <CALKiJKpuDUJ6cyh8DdCFV2o740A3ua+H0nc3_qYHwCrrSdLkGg@mail.gmail.com>
 <CAEKnhAGsAgNxfhGBLRU69HibaFYaeef4NsefxHYOQXyF2ZNSkw@mail.gmail.com> <65dbe7f1-a6d0-4b06-833c-f1c579a2ca91@app.fastmail.com>
In-Reply-To: <65dbe7f1-a6d0-4b06-833c-f1c579a2ca91@app.fastmail.com>
Date: Thu, 2 Mar 2023 17:23:07 +0000
Message-ID: <CAEKnhAFpN2uOKx-RcFWiV-hnYZ+ffQJtt-8kBBgJy=Tuw7DOSw@mail.gmail.com>
To: Larry Garfield <larry@garfieldtech.com>
Cc: php internals <internals@lists.php.net>
Content-Type: multipart/alternative; boundary="000000000000b532cb05f5ee150e"
Subject: Re: [PHP-DEV] RFC Idea - json_validate() validate schema
From: bukka@php.net (Jakub Zelenka)

--000000000000b532cb05f5ee150e
Content-Type: text/plain; charset="UTF-8"
Content-Transfer-Encoding: quoted-printable

On Thu, Mar 2, 2023 at 5:11=E2=80=AFPM Larry Garfield <larry@garfieldtech.c=
om>
wrote:

> On Thu, Mar 2, 2023, at 6:34 AM, Jakub Zelenka wrote:
> > On Thu, Mar 2, 2023 at 12:00=E2=80=AFPM Rowan Tommins <rowan.collins@gm=
ail.com>
> > wrote:
> >
> >> On Wed, 1 Mar 2023 at 11:44, juan carlos morales <
> >> dev.juan.morales@gmail.com>
> >> wrote:
> >>
> >> > I am thinking about enhancing this function to also be able to
> >> > validate against a JSON SCHEMA, giving us something like this:
> >> >
> >> > json_validate(string $json, int $depth =3D 512, int $flags =3D 0, st=
ring
> >> > $json_schema =3D null): bool
> >> >
> >>
> >>
> >> Functionally, I think this is sounds great. My only concern is that JS=
ON
> >> Schema is a bit of a moving target. Unlike XSD, which has only ever ha=
d
> two
> >> revisions, 10 years apart (1.0 from 2001, and 1.1 from 2012), JSON
> Schema
> >> is in active development, with "Draft-07", "2019-09", and "2020-12" al=
l
> >> seeing deployment as stable releases, and work in progress on a new
> >> version:
> https://github.com/json-schema-org/json-schema-spec/milestone/7
> >>
> >> That raises two questions:
> >>
> >> * Which existing version(s) of the specification will be implemented?
> For
> >> instance, if I have a schema written for 2019-09 rather than 2020-12,
> will
> >> I be able to use this validator?
> >>
> >
> > The plan is to support draft-04 and all later ones. So yeah you should =
be
> > able to support both once they are implemented. I'm starting with
> draft-04
> > and will add others in the order they were created.
> >
> >
> >> * How will new versions of the specification be added to the parser? I=
f
> PHP
> >> 8.4 is release in November 2024, and JSON Schema 2025-01 is published
> two
> >> months later, will I need to wait for PHP 8.5 to use the new
> specification?
> >>
> >>
> > It would be a feature so the next minor.
> >
> >
> >> I guess the combination of those leads to a third question: will suppo=
rt
> >> for some versions be *removed* in later PHP versions, so that each PHP
> >> version will have a minimum and maximum schema version it supports?
> >>
> >>
> > It's possible that we might decide to stop supporting some drafts if th=
e
> > maintenance burden is too big and usage small but I wouldn't see that a=
s
> > something that happens often. But essentially you are right that there
> will
> > be minimum (draft-04 initially) and maximum (latest implemented draft).
> >
> >
> >> That's the big disadvantage of anything shipped in core, rather than i=
n
> an
> >> extension or library - there is no way to make even minor changes
> outside
> >> of PHP's release cycle.
> >>
> >>
> > The changes are going to be first added to PECL jsond which will suppor=
t
> > PHP 7.2+ for some time. I will most likely keep it updated for later
> drafts
> > additions so it could be still used for older versions of PHP.
> >
> >
> >> I wonder if there's some way this can be made pluggable - ship the cor=
e
> >> mechanisms needed by the validator in core, but make them accessible t=
o
> >> libraries to implement specific specifications in an efficient way.
> This is
> >> the approach taken by the MongoDB PHP driver - there's a stable
> extension
> >> providing efficient low-level routines, then a decoupled PHP library
> which
> >> can be installed at the project level, and follow a much more agile
> release
> >> process. I'm not sure what it would look like in this case, but may be
> >> worth considering.
> >>
> >>
> > This might be quite technically challenging and also significantly
> > impacting performance of parsing so I wouldn't see this happening - at
> > least not initially.
> >
> > Regards
> >
> > Jakub
>
> This may be a place where good OO design helps.  Thinking aloud:
>
> $schema =3D new JsonSchemaDraft4($schema_string);
>
> $schema->validate($json_string): bool;
>
> $otherSchema =3D new JsonSchemaDraft5($other_schema);
>
>
The schema version should be specified by $schema keyword so I don't think
we need multiple classes for that. We should probably default to the latest
version (and maybe allow changing default using argument) if it is not
present but it's not something that users should specify outside the schema
if they control it so it seems better not to do it on the class level.

Cheers

Jakub

--000000000000b532cb05f5ee150e--