Newsgroups: php.internals Path: news.php.net Xref: news.php.net php.internals:120047 Return-Path: Delivered-To: mailing list internals@lists.php.net Received: (qmail 28403 invoked from network); 17 Apr 2023 03:35:36 -0000 Received: from unknown (HELO php-smtp4.php.net) (45.112.84.5) by pb1.pair.com with SMTP; 17 Apr 2023 03:35:36 -0000 Received: from php-smtp4.php.net (localhost [127.0.0.1]) by php-smtp4.php.net (Postfix) with ESMTP id 075E71804AA for ; Sun, 16 Apr 2023 20:35:36 -0700 (PDT) X-Spam-Checker-Version: SpamAssassin 3.4.2 (2018-09-13) on php-smtp4.php.net X-Spam-Level: X-Spam-Status: No, score=-2.8 required=5.0 tests=BAYES_00,DKIM_SIGNED, DKIM_VALID,DKIM_VALID_AU,DKIM_VALID_EF,RCVD_IN_DNSWL_LOW, RCVD_IN_MSPIKE_H2,SPF_HELO_PASS,SPF_NONE,T_SCC_BODY_TEXT_LINE autolearn=no autolearn_force=no version=3.4.2 X-Spam-ASN: AS29838 64.147.123.0/24 X-Spam-Virus: No X-Envelope-From: Received: from wout4-smtp.messagingengine.com (wout4-smtp.messagingengine.com [64.147.123.20]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange ECDHE (P-256) server-signature RSA-PSS (2048 bits)) (No client certificate requested) by php-smtp4.php.net (Postfix) with ESMTPS for ; Sun, 16 Apr 2023 20:35:35 -0700 (PDT) Received: from compute4.internal (compute4.nyi.internal [10.202.2.44]) by mailout.west.internal (Postfix) with ESMTP id 71BCC320099B for ; Sun, 16 Apr 2023 23:35:34 -0400 (EDT) Received: from imap50 ([10.202.2.100]) by compute4.internal (MEProxy); Sun, 16 Apr 2023 23:35:34 -0400 DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d= garfieldtech.com; h=cc:content-transfer-encoding:content-type :content-type:date:date:from:from:in-reply-to:in-reply-to :message-id:mime-version:references:reply-to:sender:subject :subject:to:to; s=fm3; t=1681702534; x=1681788934; bh=HVTxda+GL6 1DjEJV40ev56WAoOP+Txr7IxvHKv3yFTo=; b=Kc+0a4VcMlAttDTKdEe455tgMH NllpTOm1i9RClhkqaRADdun/pO1baVqUvq4eYP+nxVni9C6ew6iXyUMaKHRCxx9W WrvOK4TCUi/bRWVa4ldSLM05ylPE92+T2MQjjW9T0JniBbpwqjIdfrzXO863XP5C Z3Q7lHAsFsYSTKTVNwRoKx6X7DE9oTlpKNb2PKGRRtytj/d1ZlxQgVP6DKc+H0ig nWNE9i9pwuFjUtCDRlhoy0+zyweFIeypZVfVqF/vz4d7njVmj7yeEltA2ozrfIJo H60Eciw2uEyf+vHO3Q67b10mebrgWQUZ7f5ua890XVr/s070x0b/AhhP/2Yw== DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d= messagingengine.com; h=cc:content-transfer-encoding:content-type :content-type:date:date:feedback-id:feedback-id:from:from :in-reply-to:in-reply-to:message-id:mime-version:references :reply-to:sender:subject:subject:to:to:x-me-proxy:x-me-proxy :x-me-sender:x-me-sender:x-sasl-enc; s=fm3; t=1681702534; x= 1681788934; bh=HVTxda+GL61DjEJV40ev56WAoOP+Txr7IxvHKv3yFTo=; b=T Yq6TuaWacGMA3y/VGlvSVbFzI8OWlBGiWAVCsUuExVoERSeox6zBl1zpd8BxDxcH pBioK/aJn07SLvb7ljlVeai/pw0ZVNxOosAA5HGjmulybO1YL7MblNtS4k3CxIy3 XUmMfiGUPuHDjkYgId/1YJ17NGQD/DkYPIiqZOBrlhhSq/kUD+6byiCTFgPhGbrn 34psbCA6MhctoHp/J7buYo+s9DFkFP98/fi+PWjyfPTRHHKbO15A/d+jn80Ft+Pl 0BaKWOmlL+8uL11mGUufTUVj9hiB3r1JTxL9chSetpy0wBOfdN9xSdrJ0hsg5fMi gnaGfmPc69aGBcUhXBrKw== X-ME-Sender: X-ME-Proxy-Cause: gggruggvucftvghtrhhoucdtuddrgedvhedrvdelhedgjeefucetufdoteggodetrfdotf fvucfrrhhofhhilhgvmecuhfgrshhtofgrihhlpdfqfgfvpdfurfetoffkrfgpnffqhgen uceurghilhhouhhtmecufedttdenucesvcftvggtihhpihgvnhhtshculddquddttddmne cujfgurhepofgfggfkjghffffhvffutgfgsehtqhertderreejnecuhfhrohhmpedfnfgr rhhrhicuifgrrhhfihgvlhgufdcuoehlrghrrhihsehgrghrfhhivghlughtvggthhdrtg homheqnecuggftrfgrthhtvghrnhepffffffejffdugfegvedviedttedvgfejffefffej leefjeetveehgefhhfdvgfelnecuvehluhhsthgvrhfuihiivgeptdenucfrrghrrghmpe hmrghilhhfrhhomheplhgrrhhrhiesghgrrhhfihgvlhguthgvtghhrdgtohhm X-ME-Proxy: Feedback-ID: i8414410d:Fastmail Received: by mailuser.nyi.internal (Postfix, from userid 501) id AFBC31700089; Sun, 16 Apr 2023 23:35:33 -0400 (EDT) X-Mailer: MessagingEngine.com Webmail Interface User-Agent: Cyrus-JMAP/3.9.0-alpha0-334-g8c072af647-fm-20230330.001-g8c072af6 Mime-Version: 1.0 Message-ID: In-Reply-To: References: <8abbed60-5569-4eca-ad12-957877feed9b@app.fastmail.com> Date: Sun, 16 Apr 2023 22:35:12 -0500 To: "php internals" Content-Type: text/plain;charset=utf-8 Content-Transfer-Encoding: quoted-printable Subject: Re: [PHP-DEV] Future stability of PHP? From: larry@garfieldtech.com ("Larry Garfield") On Mon, Apr 10, 2023, at 10:09 PM, Deleu wrote: > On Mon, Apr 10, 2023 at 7:03=E2=80=AFPM Larry > >> >> Again, let's assume there is no question it will happen. The questio= n for >> you: What process for making it happen would you consider sufficiently >> BC-friendly? What timeline? What level of pre-review? What reasona= ble >> process would you propose that maximizes the ability of the language = to >> remove its own design bugs while minimizing the hassle for responsible >> developers? (Responsible: They actually pay attention to upcoming ch= anges >> and prepare for them in less than 7 years.) >> > > What I would consider sufficiently BC-friendly is having a cut-off. Any > code written by the previous generation (folks that are long gone or > retired by now) continue to work as it used to while I catch up in rem= oving > it from production systems. If the code was written in 2010 or earlier= and > uses $a++; with the expectation that it will result in "b", leave it a= s-is. > If the code was written in 2018 or earlier, feel free to break it. > > Several discussions around this have happened, but unfortunately none > landed anywhere. Whether it be a new opening tag of directive/edition. In fact, if we're talking about my opinion only (wh= at > works for me personally), make this change behind the existing > strict_types=3D1. There's no "PHP 5 Era" code under my responsibility = that > has strict_types enabled so if it were up to me, make every BC break y= ou > want behind strict_types=3D1 but keep PHP with strict_types=3D0 runnin= g without > BC breaks for about 10 years. > > When PHP libraries break BC, it often comes with options of 1) extend = the > original class and override something 2) opt-in to old behavior 3) reg= ister > a callback that can be used to define the old behavior back in or 4) w= ork > with an interface or 5) last resort to fork the library if taking the > maintenance burden is worth it. I don't have any of these options when= PHP > breaks BC. > > Yes, old PHP has some bad and weird behaviors. I don't like it, you do= n't > like it, nobody likes it. I don't want to use those weird stuff, but I= 'm > doing the best I can to replace every single line of old code that has= been > written in an era that "best practices for PHP development" were not w= hat > you and I know today. > > Take PHP 7.2 deprecation of counting non-countable arguments. Could th= at > broken code have been taken out of PHP Core, made it available as a le= gacy > PHP extension and just kept alive for the foreseeable future? Can we h= ave > an additional PHP extension that allows us to still pass null to > non-nullable internal function parameters? Something like php56_substr= (). > > I don't mind if its BC breaks are opt-in or opt-out as long as we can = have > a single cut-off and make it easier for us to keep running legacy code > until we succeed in decommissioning it. > > In fact, if you wanted to deprecate `readonly` in PHP 8.3 because (as > you've said it), it's a broken behavior that prevents you to move forw= ard > with asymmetric visibility or property accessors, I wouldn't care beca= use > readonly was something introduced in a time that the code being written > using it has 100% test coverage and static analysers protecting it. It= 's > easier for me to deal with any BC breaks of PHP 7.1 or higher than it = is to > deal with deprecations of PHP 5.6 or lower. Thank you, now that's a proposal that we can actually discuss. That said, I don't think that strategy would be viable, for a couple of = reasons. 1) It assumes a strong correlation between "code was written in <2010" a= nd "the QA process is crap", and likewise between "code was written >201= 0" and "the QA process is pretty solid." I strongly suspect that correl= ation is a lot weaker than you make it out to be. The really-old public= projects I know (I've worked on Drupal and TYPO3 cores personally, both= of which are 20+ year old code bases) have pretty solid test coverage n= ow, and ample QA processes around them. They're possibly tedious to upd= ate for deprecations et al, but not per se hard. In contrast, I now wor= k with some 7.x-era Laravel projects that, well, "get the QA tooling out= of the stone age" was the first task I took on when I joined the compan= y because they desperately needed it. I don't think "it's newer so the = QA safety net is in place" is a safe assumption. 2) The vast majority of issues that need to be fixed are the old stuff; = most are from PHP 4 or PHP 3, so we're talking pre-2005. The features i= ntroduced from 5.3 onward are, for the most part, pretty reasonable. (N= ot perfect, but way way better than the PHP 3-era stuff.) So "you can o= nly clean up recent messes" translates to "you can never clean up a mess= ." 3) There can absolutely be code written in 2020 that relies on the curre= nt behavior of array_sum, or $string++, or passing null to strlen(). So= me of it has been mentioned in this thread. So "only old code relies on= old, bad language design decisions" is not really a safe statement, eit= her. We could say "well those devs should have known better," but... in= most cases the code from 2005-2010 was also written by devs who "should= have known better," as many of these issues were known-problematic even= then. (Dynamic properties, for instance, have been not-recommended sin= ce at least 5.2, if not earlier.) 4) It doesn't answer the question of when it *is* OK to start fixing the= old issues. "When I'm done cleaning up the mess I inherited" is not a = metric that Internals can really work with, but locking in "bad design d= ecisions from before 2010 are locked in forever, just in case, but we ca= n correct stuff after that without warning" is not really sustainable. 5) Different running "modes" have been discussed several times. Usually= they come back to "if we were to do it, declare statements are the best= mechanism." But they also almost always run into "every declare statem= ent means we have to add a bunch of conditionals in the engine or stdlib= to check it, which is a lot of complexity to maintain." And those are = multiplicative, so if, eg, we added declare(allow_dyn_props=3D1), declar= e(allow_null_string=3D1), and declare(modern_numeric_strings=3D1), in ad= dition to the existing strict_types, that's 2*2*2*2 =3D 16 possible comb= inations of run modes. Regardless of what the default values are, just = thinking about the number of test cases that would need to be written fo= r that makes me sweat. And that's before we even get into bifurcating P= HP into multiple incompatible rulesets that make it hard for anyone to e= ven learn how to use PHP. If you want to polyfill old core stdlib function behavior, there might b= e a way to be extra tricksy with namespaces and autoloading (if that pas= ses) to make something work, but that sounds unreliable. The real answe= r here would be the old runkit extension, but most people who know of th= at are afraid of it, because they know exactly how much confusion that c= ould cause. ;-) =20 If the stdlib were written in PHP, not C, as has been suggested a few ti= mes, that might open up other options. I've not thought that through en= tirely. That's still not at the point that it wouldn't have a performan= ce impact to do, though, which is why there's been no serious attempt at= it. --Larry Garfield