Newsgroups: php.internals Path: news.php.net Xref: news.php.net php.internals:129153 X-Original-To: internals@lists.php.net Delivered-To: internals@lists.php.net Received: from php-smtp4.php.net (php-smtp4.php.net [45.112.84.5]) by lists.php.net (Postfix) with ESMTPS id 4C3261A00BC for ; Sat, 8 Nov 2025 20:09:34 +0000 (UTC) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=php.net; s=mail; t=1762632579; bh=yZEf+Ryme2BaLQ+kzJegdEDdkEW0/j7jqR45skPMbPg=; h=Date:From:To:In-Reply-To:References:Subject:From; b=cjOjSJ35nCVWvustwmnx/h+v8ZobmgigcOS4/nAaRg5+jBP1U+T4iyv4UHTWWqZAk P+WsJqGRQGTomvgh2YOm0csJXRROdDUc3Per87Ts8wOs29ayERAjpTl9r7FkojtrlM JdmuDD+AkpM+cGDjz3uSuRDOcMsnLypuZljityBxW6DOMtFXcQ+VCZdqfS8megCYJM XRj3RSiuAfmhqou5mOwMIl/3sFGWww2NHSebCRjxtU94j1zZ6JnuhAq1z2/DWsW8QJ B7TE9bDHVYIyluRF8xplgGRA/Btfq6JqszjGqLJydz/hMhqJWiZreaFupckOkLYnqP oAI7zd0YhNUDQ== Received: from php-smtp4.php.net (localhost [127.0.0.1]) by php-smtp4.php.net (Postfix) with ESMTP id ED6261804B9 for ; Sat, 8 Nov 2025 20:09:37 +0000 (UTC) X-Spam-Checker-Version: SpamAssassin 4.0.1 (2024-03-25) on php-smtp4.php.net X-Spam-Level: X-Spam-Status: No, score=-0.1 required=5.0 tests=BAYES_50,DKIM_SIGNED, DKIM_VALID,DKIM_VALID_AU,DKIM_VALID_EF,DMARC_MISSING,HTML_MESSAGE, RCVD_IN_DNSWL_LOW,SPF_HELO_PASS,SPF_PASS autolearn=no autolearn_force=no version=4.0.1 X-Spam-Virus: No X-Envelope-From: Received: from fout-b2-smtp.messagingengine.com (fout-b2-smtp.messagingengine.com [202.12.124.145]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (2048 bits) server-digest SHA256) (No client certificate requested) by php-smtp4.php.net (Postfix) with ESMTPS for ; Sat, 8 Nov 2025 20:09:37 +0000 (UTC) Received: from phl-compute-12.internal (phl-compute-12.internal [10.202.2.52]) by mailfout.stl.internal (Postfix) with ESMTP id 57A951D0018B for ; Sat, 8 Nov 2025 15:09:32 -0500 (EST) Received: from phl-imap-05 ([10.202.2.95]) by phl-compute-12.internal (MEProxy); Sat, 08 Nov 2025 15:09:32 -0500 DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=bottled.codes; h=cc:content-type:content-type:date:date:from:from:in-reply-to :in-reply-to:message-id:mime-version:references:reply-to:subject :subject:to:to; s=fm1; t=1762632572; x=1762718972; bh=yZEf+Ryme2 BaLQ+kzJegdEDdkEW0/j7jqR45skPMbPg=; b=Ol2msTZ8LMPHDbrrDhl/U6Ubkj GC60MxSTTu9aIPh7c6Asl54fxic9vex0Wp51G0r2cUmcGLzW+CX6GjO/Mg1VXWQS 4WPg8Hg/p1l5O+/pewp3IIbThc/JWjmW7c0CDryihwsCElMlRGOBJezhgZ5o5uMM nRKUj8xOFadh6dghNfoDxkqfZ8p6n7zc+yKFp1Mzbe1rgJJ8pqLkneoRpt5tJ9Sy B0Z5E9zRVj1A3pU9ZZNS4vhTkRTuUxVM9gRt38WXCCdEJoF40n3UhYl94i3FckoA 6iGV31ioL8P/HB3DZWswoxWfnugqW3U/1RqfbPHJ2r8zDk+oedMiiIFZLI4g== DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d= messagingengine.com; h=cc:content-type:content-type:date:date :feedback-id:feedback-id:from:from:in-reply-to:in-reply-to :message-id:mime-version:references:reply-to:subject:subject:to :to:x-me-proxy:x-me-sender:x-me-sender:x-sasl-enc; s=fm3; t= 1762632572; x=1762718972; bh=yZEf+Ryme2BaLQ+kzJegdEDdkEW0/j7jqR4 5skPMbPg=; b=N6jvzkxa1r7e5iBVgBXUiCnfmZ5W6PCGuVEdobWinoNhSHfb2f/ fCcZv1l04e9EPAFJ0Uk8tEIWgFk8cGp3XiHoCu/ieQzgYTycQQcfTYhZM6zCyBKo cD/IfLdVcEgYC4CRbwooRjmQedJBRWCpkrTXo6h4ZCUuOFBBcJIv/ELDRqll3VOA FQVPdoRYjDzK7h01VT2/rmfGWNQcgFLP77DzLiQZ2sX/+4ch9gOBMfWX+cF/0w+r Zmsm/1BoQNh/SgMVTvVwarLlI+AgJp66i/r5JgLU5w/7+N1rLgmK0Ogo2z83o64I oFioQvONaDppkOR+Go6EQyskm+b1FOCeovA== X-ME-Sender: X-ME-Proxy-Cause: gggruggvucftvghtrhhoucdtuddrgeeffedrtdeggdduleefgeeiucetufdoteggodetrf dotffvucfrrhhofhhilhgvmecuhfgrshhtofgrihhlpdfurfetoffkrfgpnffqhgenuceu rghilhhouhhtmecufedttdenucenucfjughrpefoggffhffvkfgjfhfutgesrgdtreerre dtjeenucfhrhhomhepfdftohgsucfnrghnuggvrhhsfdcuoehrohgssegsohhtthhlvggu rdgtohguvghsqeenucggtffrrghtthgvrhhnpeelkeehtdfgfefhleeilefggeeihfekvd elfeejtdfflefhheehfffgudetuddutdenucffohhmrghinhepphhhphdrnhgvthenucev lhhushhtvghrufhiiigvpedtnecurfgrrhgrmhepmhgrihhlfhhrohhmpehrohgssegsoh htthhlvggurdgtohguvghspdhnsggprhgtphhtthhopedupdhmohguvgepshhmthhpohhu thdprhgtphhtthhopehinhhtvghrnhgrlhhssehlihhsthhsrdhphhhprdhnvght X-ME-Proxy: Feedback-ID: ifab94697:Fastmail Received: by mailuser.phl.internal (Postfix, from userid 501) id B16041820054; Sat, 8 Nov 2025 15:09:31 -0500 (EST) X-Mailer: MessagingEngine.com Webmail Interface Precedence: list list-help: list-unsubscribe: list-post: List-Id: x-ms-reactions: disallow MIME-Version: 1.0 X-ThreadId: AZgO4gJIj6HZ Date: Sat, 08 Nov 2025 21:08:34 +0100 To: internals@lists.php.net Message-ID: In-Reply-To: References: Subject: Re: [PHP-DEV] RFC: Namespace-Scoped Visibility for Methods and Properties Content-Type: multipart/alternative; boundary=d59da614b3b04e50bb9184b0bfbc054a From: rob@bottled.codes ("Rob Landers") --d59da614b3b04e50bb9184b0bfbc054a Content-Type: text/plain; charset=utf-8 Content-Transfer-Encoding: quoted-printable On Sat, Nov 8, 2025, at 17:50, Rowan Tommins [IMSoP] wrote: > On 08/11/2025 12:43, Rob Landers wrote: > > I=E2=80=99d like to introduce an RFC for discussion:=20 > > https://wiki.php.net/rfc/namespace_visibility which proposes a new=20 > > visibility modifier: private(namespace). >=20 >=20 > Hi Rob, >=20 > Thanks for putting together the RFC. >=20 > My main concern with this and similar single-keyword proposals is that=20 > its only useful if people lay out their code in a particular way, rath= er=20 > than fitting with the variety of namespace hierarchies seen in the wil= d. >=20 > For instance, in your example, you have two classes: >=20 > - App\Auth\SessionManager > - App\Auth\SessionStore >=20 > But if this was library with a set of interchangeable session stores, = it=20 > might well lay them out like this: >=20 > - Acme\AuthLib\Session\Manager > - Acme\AuthLib\Session\Store\SessionStoreInterface > - Acme\AuthLib\Session\Store\DatabaseSessionStore > - Acme\AuthLib\Session\Store\FileSystemSessionStore > - etc >=20 > In that case, "current namespace plus children" would work, and I'd be=20 > interested in your reasoning for requiring an exact match instead. >=20 >=20 > But even that might not be enough, if for some reason it looked like t= his: >=20 > - Acme\AuthLib\Services\SessionManager > - Acme\AuthLib\Implementations\SessionStore\SessionStoreInterface > - Acme\AuthLib\Implementations\SessionStore\DatabaseSessionStore > - Acme\AuthLib\Implementations\SessionStore\FileSystemSessionStore > - etc >=20 > Here, what we want is visibilty for everything inside "Acme\AuthLib",=20 > not only in "Acme\AuthLib\Services". >=20 > Since, as you say in another reply, we don't have a standard definitio= n=20 > of "module", "package", or "assembly", I think we need a keyword or=20 > attribute which takes as a parameter either the namespace prefix, or t= he=20 > number of levels to match. >=20 >=20 > --=20 > Rowan Tommins > [IMSoP] >=20 Hi Rowan, Thanks for the detailed feedback. The exact-match requirement is intenti= onal rather than incidental. In my nested classes RFC, I assumed namespa= ces behaved hierarchically, and it was pointed out that isn=E2=80=99t al= ways guaranteed. So, one of the main design goals with this RFC was to m= ake a boundary that was crisp and unsurprising: if two pieces of code ha= ve the same lexical namespace, access is allowed; if not, it isn=E2=80=99= t. There's no need to consider namespace depth, prefixes, or directory l= ayout. The moment we allow "namespace prefixes", we introduce questions that ne= ed to be fleshed out separately and with care. Do we treat "Acme\AuthLib= \Session" and "Acme\AuthLib\Services" as related? Even if they come from= different vendors and are unrelated in any way? Are namespaces hierarch= ical or just flat strings that happen to contain separators? Today namespaces are a name resolution mechanism, not a semantic hierarc= hy. Matching by prefix would start treating them as a package system, an= d I explicitly am trying to avoid that in this RFC. By restricting the rule to exact namespace equality, the feature is stra= ightforward to explain and to understand. It also prevents "accidental" = access because two unrelated namespaces happen to share a prefix. If we ever define a module/package boundary in PHP, a recursive or prefi= x-based visibility could be layered on top. For this RFC, I=E2=80=99m ai= ming for a feature that provides enforceable encapsulation using the bou= ndaries PHP already defines, albeit, loosely through name resolution. If you have a concrete, unambiguous rule for prefix-based access that wo= uldn=E2=80=99t cause surprises or make assumptions about how people orga= nise their codebases, I=E2=80=99d be happy to discuss it. Right now, eve= ry version I=E2=80=99ve explored would reopen the "module"/"package" deb= ate from this summer. =E2=80=94 Rob --d59da614b3b04e50bb9184b0bfbc054a Content-Type: text/html; charset=utf-8 Content-Transfer-Encoding: quoted-printable


On Sat, Nov 8, 2025, at 17:50, Rowan Tommins [IMSoP] w= rote:
On 08/11/= 2025 12:43, Rob Landers wrote:
> I=E2=80=99d like to introd= uce an RFC for discussion: 
> visibili= ty modifier: private(namespace).


Hi Rob,

Thanks for putting together the RFC.

My main concern with this and similar single-key= word proposals is that 
its only useful if people lay out= their code in a particular way, rather 
than fittin= g with the variety of namespace hierarchies seen in the wild.
=
For instance, in your example, you have two classes:

- App\Auth\SessionManager
- App\Auth\Sess= ionStore

But if this was library with a set of = interchangeable session stores, it 
might well lay them o= ut like this:

- Acme\AuthLib\Session\Manager
- Acme\AuthLib\Session\Store\SessionStoreInterface
- A= cme\AuthLib\Session\Store\DatabaseSessionStore
- Acme\AuthLib\= Session\Store\FileSystemSessionStore
- etc

In that case, "current namespace plus children" would work, and I'= d be 
interested in your reasoning for requiring an exact= match instead.


But even that mi= ght not be enough, if for some reason it looked like this:
- Acme\AuthLib\Services\SessionManager
- Acme\Auth= Lib\Implementations\SessionStore\SessionStoreInterface
- Acme\= AuthLib\Implementations\SessionStore\DatabaseSessionStore
- Ac= me\AuthLib\Implementations\SessionStore\FileSystemSessionStore
- etc

Here, what we want is visibilty for ever= ything inside "Acme\AuthLib", 
not only in "Acme\AuthLib\= Services".

Since, as you say in another reply, = we don't have a standard definition 
of "module", "packag= e", or "assembly", I think we need a keyword or 
attribut= e which takes as a parameter either the namespace prefix, or the 
number of levels to match.


<= div>-- 
Rowan Tommins
[IMSoP]


Hi Rowan,

T= hanks for the detailed feedback. The exact-match requirement is intentio= nal rather than incidental. In my nested classes RFC, I assumed namespac= es behaved hierarchically, and it was pointed out that isn=E2=80=99t alw= ays guaranteed. So, one of the main design goals with this RFC was to ma= ke a boundary that was crisp and unsurprising: if two pieces of code hav= e the same lexical namespace, access is allowed; if not, it isn=E2=80=99= t. There's no need to consider namespace depth, prefixes, or directory l= ayout.

The moment we allow "namespace prefixes"= , we introduce questions that need to be fleshed out separately and with= care. Do we treat "Acme\AuthLib\Session" and "Acme\AuthLib\Services" as= related? Even if they come from different vendors and are unrelated in = any way? Are namespaces hierarchical or just flat strings that happen to= contain separators?

Today namespaces are a nam= e resolution mechanism, not a semantic hierarchy. Matching by prefix wou= ld start treating them as a package system, and I explicitly am trying t= o avoid that in this RFC.

By restricting the ru= le to exact namespace equality, the feature is straightforward to explai= n and to understand. It also prevents "accidental" access because two un= related namespaces happen to share a prefix.

If= we ever define a module/package boundary in PHP, a recursive or prefix-= based visibility could be layered on top. For this RFC, I=E2=80=99m aimi= ng for a feature that provides enforceable encapsulation using the bound= aries PHP already defines, albeit, loosely through name resolution.

If you have a concrete, unambiguous rule for prefix= -based access that wouldn=E2=80=99t cause surprises or make assumptions = about how people organise their codebases, I=E2=80=99d be happy to discu= ss it. Right now, every version I=E2=80=99ve explored would reopen the "= module"/"package" debate from this summer.

=E2=80=94 Rob
--d59da614b3b04e50bb9184b0bfbc054a--