Newsgroups: php.internals Path: news.php.net Xref: news.php.net php.internals:127722 X-Original-To: internals@lists.php.net Delivered-To: internals@lists.php.net Received: from php-smtp4.php.net (php-smtp4.php.net [45.112.84.5]) by lists.php.net (Postfix) with ESMTPS id E9EA81A00BC for ; Thu, 19 Jun 2025 13:02:18 +0000 (UTC) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=php.net; s=mail; t=1750338020; bh=eLSCbktxmDP+XLkENCnAyPxZYj+Q3lPpIvfhwyr8vi8=; h=References:In-Reply-To:From:Date:Subject:To:Cc:From; b=SCfElVLnTAbnoWNySTXbfHOCvMLMasgHMFT3JFLhrR7R9Q54SJW5nthABGYpyNgFp GqufvZHiwSFmOWtuaQ7rQ851Qj5Mio6R7iGv00Wfegf8wmqT5B4RO3SLsBlOCW4bip Vt5tHwrZvpmeFpn2Gxw5RzFnYE+gvjaZmVWLK4ws9+0D//FxL+EqB6WuitMUCewp2b xAnwsludpkhr7kY4xbFbsTopyEuM62mBqUyUCOkggxkXsJf/VbJ7G3sit9gTNlhaLN 5kWlU2Vpn+ged9C4sncqhAjrS9APOtm9rlwypmpaM5rG8Obo1KXpPc0VuB1gCPd9uW JhFJQHZmuEr+w== Received: from php-smtp4.php.net (localhost [127.0.0.1]) by php-smtp4.php.net (Postfix) with ESMTP id E5C0C18002F for ; Thu, 19 Jun 2025 13:00:19 +0000 (UTC) X-Spam-Checker-Version: SpamAssassin 4.0.1 (2024-03-25) on php-smtp4.php.net X-Spam-Level: X-Spam-Status: No, score=-1.7 required=5.0 tests=BAYES_05,DKIM_SIGNED, DKIM_VALID,DKIM_VALID_AU,DKIM_VALID_EF,DMARC_PASS,FREEMAIL_FROM, HTML_MESSAGE,RCVD_IN_DNSWL_NONE,RCVD_IN_MSPIKE_H2,SPF_HELO_NONE, SPF_PASS autolearn=no autolearn_force=no version=4.0.1 X-Spam-Virus: Error (Cannot connect to unix socket '/var/run/clamav/clamd.ctl': connect: Connection refused) X-Envelope-From: Received: from mail-lj1-f170.google.com (mail-lj1-f170.google.com [209.85.208.170]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (2048 bits) server-digest SHA256) (No client certificate requested) by php-smtp4.php.net (Postfix) with ESMTPS for ; Thu, 19 Jun 2025 13:00:19 +0000 (UTC) Received: by mail-lj1-f170.google.com with SMTP id 38308e7fff4ca-32b49ac6431so6775191fa.1 for ; Thu, 19 Jun 2025 06:02:17 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20230601; t=1750338136; x=1750942936; darn=lists.php.net; h=cc:to:subject:message-id:date:from:in-reply-to:references :mime-version:from:to:cc:subject:date:message-id:reply-to; bh=90qH2aFkfH3pH1hg9d/J14Byt4MUpQfKu5gcznsNRR8=; b=Nv15il8pytWp8Vaj1PzQR90hK5JUfPu+eT9mjw5H/zMBa8eeHdv5PUEeRcSCZ1Wovl ratD5dzXl5M3xiKj5GD4ZCRecvF6ulgPwQm3jdby6kvJJSv3icN8psEej+cdfrMJ2ptK tcp353MHdnwVoQW0NO4e+ZuDlkeNlWfLDMo+CdQzZi/ZXTPIj2TF1NXpnOJfAQN45bZu 5JygFbkxHtVpss+TorgPpjN6XC4cpqbwvudy6wAZSzTMVo2PVYl/+9Evi1RDS+UtHKJO WJPjH+DYKctb6IyMUay8Mr6jeJD7evBDHHINqvEtYdq7yKJ2uyCIDygcV8/so3/JLS7w hjbw== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20230601; t=1750338136; x=1750942936; h=cc:to:subject:message-id:date:from:in-reply-to:references :mime-version:x-gm-message-state:from:to:cc:subject:date:message-id :reply-to; bh=90qH2aFkfH3pH1hg9d/J14Byt4MUpQfKu5gcznsNRR8=; b=xOsknTQDPwaLpakGCxQjUayXCQB5aIu+HzfWbKrnETb3pLxQ2uc7Jv1bPqSIiyngV0 JzbK1z683MshvmBY4CwRZiG6h4zAepK2VDjr6PgPeLo8iwCh26J7u7Mb2YCQpkrSqpvK wlO+j22tljuDicnnFlKuY6Tq+sbtsXysqh3oX+DFMlz7Ee3MKYvk7soO9/OQED7N92Su qCHcny8k7bmRenuDeN18YMNdcb++fkByFi3FzAlvFMd9NykW8QOtJTHY2NPF7lEmteWE kuKZ6RuyIgbrG4PQB4CuKswlWQfv/qpbzRNH+y7LykhCgj4hzEG2njIVBjhXt9KiKNnU N9UA== X-Gm-Message-State: AOJu0YyPNYOdtbQAnWtvNFAauw3ctBv81LhgZIv8qYveXKDedVfJOxXs U3pXX8v9uXQxjV1sw7xI41BBz2zrwVsjRNWc5DJXsVpJ8Lj+piicPl087fjcPwlU1Pw+4vI39OG +VwuFyxwVzTJKXslBck4FcCf7leYLwv8= X-Gm-Gg: ASbGncvuuuohDIValf4DwtmtXZe2FgzhTTeng1Dt9/msLr5o7Wg+TvUvk/DJRH4mWRV urRXSVq4h8quGBk7sEZhptzRiQLbdelCU6GFsyRYG4/BJC1PyXFqcJHvslTvVPWPxLrukRDcyT9 NrkS8rJj7iRFluMJjwAt5zAGXikO9HjccTh9RaHj7yZmVl3hrfRWb0mnE= X-Google-Smtp-Source: AGHT+IFpcoFDTG3FqHWCGdvdytrZbExCARwshhmVx2RZK1P3DvCrmut3mIT5kF2cxITEuDrAysidcRTDUbkFfvTd8FI= X-Received: by 2002:a05:651c:50d:b0:32b:2d5a:c50c with SMTP id 38308e7fff4ca-32b4a60a449mr66715961fa.36.1750338133428; Thu, 19 Jun 2025 06:02:13 -0700 (PDT) Precedence: bulk list-help: list-post: List-Id: internals.lists.php.net x-ms-reactions: disallow MIME-Version: 1.0 References: In-Reply-To: Date: Thu, 19 Jun 2025 15:02:00 +0200 X-Gm-Features: Ac12FXy9yQjPIXe2-b5FbghtXbVnVxunQlUXhAPluR848AyRP7lQYTN1iIHbB7s Message-ID: Subject: Re: [PHP-DEV] [RFC] [Discussion] #[\DelayedTargetValidation] attribute To: Ilija Tovilo Cc: php internals Content-Type: multipart/alternative; boundary="000000000000ae17a90637ec5a77" From: nicolas.grekas+php@gmail.com (Nicolas Grekas) --000000000000ae17a90637ec5a77 Content-Type: text/plain; charset="UTF-8" Content-Transfer-Encoding: quoted-printable Le mer. 18 juin 2025 =C3=A0 23:49, Ilija Tovilo a =C3=A9crit : > Hi Volker > > On Wed, Jun 18, 2025 at 2:23=E2=80=AFPM Volker Dusch > wrote: > > > > On Wed, Jun 18, 2025 at 1:28=E2=80=AFAM Daniel Scherzer < > daniel.e.scherzer@gmail.com> wrote: > >> > >> I'd like to start the discussion for a new RFC about adding a > `#[\DelayedTargetValidation]` attribute. > >> > >> * RFC: https://wiki.php.net/rfc/delayedtargetvalidation_attribute > >> * Implementation: https://github.com/php/php-src/pull/18817 > > > > > > While I'm in favor of the RFC, I'd more like to see the default behavio= r > of internal and userland attributes adjusted to work the same, with both > having delayed validation enabled by default. Treating core attributes > differently doesn't make sense to me. > > > > So, if that's someone you're willing to work on, I'd very much prefer > that. > I 100% agree with what Volker posted here. I wouldn't support that, because internal attributes with effects are > not usually instantiated. > > class C { > #[\SensitiveParameter] // This doesn't actually do anything, only > works on parameters > public $prop; > } > > I would get no indication that this attribute doesn't behave as I > expect. We have at least a few attributes with confusable targets > (SensitiveParameter, Override, Deprecated, NoDiscard). User attributes > can't have effects without at least reading them through reflection, > although granted they don't necessarily need to be instantiated, and > so might also not trigger the error. > These considerations work exactly the same for userland attributes: if I use #[Whatever] on a location that is not allowed by the declaration of the attribute, nothing will ever tell me at runtime, because nobody will ever try to read that attribute on that unexpected location. Yet, this "silent" behavior is by design, because that's the core of the "attributes are declarative metadata" promise. If you make them be enforced by the engine, then this promise falls apart and attributes become way less useful. The correct solution to the validation problem is to use a static analyzer. There, one can easily spot that some attributes are not correctly placed, and one can then also *ignore* the report of the SA tool, because eg #[Deprecated] is used on a class on purpose for that library (e.g. for the forward compat use case). The exception to the declarative nature of attributes that is currently allowed for engine-provided ones is detrimental to me: it allows turning them into "syntax hacks" basically (=3Dengine-enforced-thus-not-declarative rules). To paraphrase Volker, I'm in favor of the RFC, but only if we cannot agree on the need for internal and userland attributes to have the same conceptual roots (truly declarative ones). Cheers, Nicolas --000000000000ae17a90637ec5a77 Content-Type: text/html; charset="UTF-8" Content-Transfer-Encoding: quoted-printable
Le=C2=A0mer. 18 juin 2025 =C3=A0=C2=A023:49, = Ilija Tovilo <tovilo.ilija@gma= il.com> a =C3=A9crit=C2=A0:
Hi Volker

On Wed, Jun 18, 2025 at 2:23=E2=80=AFPM Volker Dusch <volker@tideways-gmbh.com>= ; wrote:
>
> On Wed, Jun 18, 2025 at 1:28=E2=80=AFAM Daniel Scherzer <daniel.e.scherzer@gm= ail.com> wrote:
>>
>> I'd like to start the discussion for a new RFC about adding a = `#[\DelayedTargetValidation]` attribute.
>>
>> * RFC: https://wiki.php.net/rfc/d= elayedtargetvalidation_attribute
>> * Implementation: https://github.com/php/php-src/p= ull/18817
>
>
> While I'm in favor of the RFC, I'd more like to see the defaul= t behavior of internal and userland attributes adjusted to work the same, w= ith both having delayed validation enabled by default. Treating core attrib= utes differently doesn't make sense to me.
>
> So, if that's someone you're willing to work on, I'd very = much prefer that.

=C2=A0I 100% agree wi= th what Volker posted here.
=C2=A0

I wouldn't support that, because internal attributes with effects are not usually instantiated.

class C {
=C2=A0 =C2=A0 #[\SensitiveParameter] // This doesn't actually do anythi= ng, only
works on parameters
=C2=A0 =C2=A0 public $prop;
}

I would get no indication that this attribute doesn't behave as I
expect. We have at least a few attributes with confusable targets
(SensitiveParameter, Override, Deprecated, NoDiscard). User attributes
can't have effects without at least reading them through reflection, although granted they don't necessarily need to be instantiated, and so might also not trigger the error.

Th= ese considerations work exactly the same for userland attributes: if I use = #[Whatever] on a location that is not allowed by the declaration of the att= ribute, nothing will ever=C2=A0tell me at runtime, because nobody will ever= try to read that attribute on that unexpected location.

Yet, this "silent" behavior is by design, because that'= ;s the core of the "attributes are declarative metadata" promise.= If you make them be enforced by the engine, then this promise falls=C2=A0a= part and attributes become way less useful.

The co= rrect solution to the validation problem is to use a static analyzer. There= , one can easily spot that some attributes are not correctly placed, and on= e can then also *ignore* the report of the SA tool, because eg #[Deprecated= ] is used on a class on purpose for that library (e.g. for the forward comp= at use case).

The exception to the declarative nat= ure of attributes that is currently allowed for engine-provided ones is det= rimental to me: it allows turning them into "syntax hacks" basica= lly (=3Dengine-enforced-thus-not-declarative rules).

To paraphrase Volker,=C2=A0I'm in favor of the RFC, but only if we c= annot agree on the need for=C2=A0internal and userland attributes to have t= he same conceptual roots (truly declarative ones).

Cheers,
Nicolas
--000000000000ae17a90637ec5a77--