Newsgroups: php.internals
Path: news.php.net
Xref: news.php.net php.internals:129168
X-Original-To: internals@lists.php.net
Delivered-To: internals@lists.php.net
Received: from php-smtp4.php.net (php-smtp4.php.net [45.112.84.5])
	by lists.php.net (Postfix) with ESMTPS id BB6FA1A00BC
	for <internals@lists.php.net>; Sun,  9 Nov 2025 15:33:58 +0000 (UTC)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=php.net; s=mail;
	t=1762702443; bh=bd9neaveVv8fO7rrLHQdLCHZLljPtA+y3tCt/Fv9Evk=;
	h=Date:From:To:In-Reply-To:References:Subject:From;
	b=MkncSw03ZndHAIAk5DYPCa+HwcZUe6DZygCdLDRUGuFpH1InehghcHG4RiQIVrIJw
	 NbCjRk9Gzq1qATMfoyHInZ3xY6eTWgKG5+p8yAf1LZKq5M3pUt/xVr9OFbBv5YONL1
	 NC4MbKxvZznIv4ViguyLHeem3dMdG0pP09AiVGZPBcZTTTiYQFURPbOVx/LcyJSv8V
	 H+rDh+YFgKEd6IZB3LAyS7HsktgUtuGAJBcjPTTRXFXb8gO+EmudFAJ4UCFLpeK99r
	 0MlWl6WTXx0lMeYy2A8UemXWrjNduJllcOFfWhU60ROXPlMiR5pyLVLe8QQIQzRwrx
	 OEn5WMuuISjig==
Received: from php-smtp4.php.net (localhost [127.0.0.1])
	by php-smtp4.php.net (Postfix) with ESMTP id 91D7E180041
	for <internals@lists.php.net>; Sun,  9 Nov 2025 15:34:02 +0000 (UTC)
X-Spam-Checker-Version: SpamAssassin 4.0.1 (2024-03-25) on php-smtp4.php.net
X-Spam-Level: 
X-Spam-Status: No, score=-1.4 required=5.0 tests=BAYES_05,DKIM_SIGNED,
	DKIM_VALID,DKIM_VALID_AU,DKIM_VALID_EF,DMARC_MISSING,RCVD_IN_DNSWL_LOW,
	SPF_HELO_PASS,SPF_NONE autolearn=no autolearn_force=no version=4.0.1
X-Spam-Virus: No
X-Envelope-From: <larry@garfieldtech.com>
Received: from fhigh-b5-smtp.messagingengine.com (fhigh-b5-smtp.messagingengine.com [202.12.124.156])
	(using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits)
	 key-exchange X25519 server-signature RSA-PSS (2048 bits))
	(No client certificate requested)
	by php-smtp4.php.net (Postfix) with ESMTPS
	for <internals@lists.php.net>; Sun,  9 Nov 2025 15:34:02 +0000 (UTC)
Received: from phl-compute-04.internal (phl-compute-04.internal [10.202.2.44])
	by mailfhigh.stl.internal (Postfix) with ESMTP id D4FE07A018B
	for <internals@lists.php.net>; Sun,  9 Nov 2025 10:33:56 -0500 (EST)
Received: from phl-imap-02 ([10.202.2.81])
  by phl-compute-04.internal (MEProxy); Sun, 09 Nov 2025 10:33:56 -0500
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=
	garfieldtech.com; h=cc:content-transfer-encoding:content-type
	:content-type:date:date:from:from:in-reply-to:in-reply-to
	:message-id:mime-version:references:reply-to:subject:subject:to
	:to; s=fm3; t=1762702436; x=1762788836; bh=6UyV9DHXVozstEU/lBBvk
	d97srJVh8UmsArxC/fPt2I=; b=aoqJ6nzg7jZeeWjv/ZLo5iivGAWIlx/qxgNS+
	HseEA1y8WWWOhFFl0iT9qM9yno/ZWSmBKPqGk7QRs3+EOxWkGVgBaoUPkV3JUQQ3
	eLL7VSZrmSjEvPqPpYYUmBRlEwXQzLXhnJXZZV2M9MBcWGDPCVaLv9o0o6ry9JG/
	ZwpAKN5ob42NLywIAhB8kxwl4x9NcxC3F5tv6NfRhTQ1Q0TSo5OhTAEpNth1NSl3
	oHqGr2jjdSEGWq4AFd2nhshZ5J2WmYHI7LdVG6RGf5qazH46buns+cV+gHH3ll4/
	CJd779Q16YIt0ebAEvHSaT4TMV9E4MrqGJrZJXQ/sn15g6ZWg==
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=
	messagingengine.com; h=cc:content-transfer-encoding:content-type
	:content-type:date:date:feedback-id:feedback-id:from:from
	:in-reply-to:in-reply-to:message-id:mime-version:references
	:reply-to:subject:subject:to:to:x-me-proxy:x-me-sender
	:x-me-sender:x-sasl-enc; s=fm3; t=1762702436; x=1762788836; bh=6
	UyV9DHXVozstEU/lBBvkd97srJVh8UmsArxC/fPt2I=; b=jSMMQCRN5+cb6WsCC
	nx7wNathbfQGA74j6v55muYDqDoG3WwG1F56HyAfN44HzjxVHqoOGttPkwpkk1gC
	vwM6lgWp45mjKH0NfRtsiQOR3BU9AV4XK9tJjuiVb/PRuXiVY8Fn9uKJRjeksD4I
	k7JIBPMX74XbjfrLLoXYX9n+TcdAquNOkSlEhi8WsYkz/ik+ifFEhFwcIybCmoc2
	67d/Ptv29ruTnZJ8QXMAvYKp3fuINLLZIFTHA3U8YjPvi5m412k2XsDHXlJhE+r8
	w4z8QLJ8OP8nAxpjz+qivU6Pyp7S8eQisIZFeEY4q6q7pqin+tqx/dvgsHiAeI1N
	X+MpQ==
X-ME-Sender: <xms:ZLQQaVI2cBW3_LvCEOf5kDA70Toh1im2WJaB3QMm7AzkgA9Xy5gZtw>
    <xme:ZLQQab-gu_yUBdKNtiAJ3pApagJ1SAJ9eE_Ptqdy_9zntwimAnJD7aGU2I0sUMS24
    3k-LcacakipCjMIj7fldCIYJqxHP52rpycv7nT0j8QZZEPH1Q>
X-ME-Proxy-Cause: gggruggvucftvghtrhhoucdtuddrgeeffedrtdeggdduleehjeelucetufdoteggodetrf
    dotffvucfrrhhofhhilhgvmecuhfgrshhtofgrihhlpdfurfetoffkrfgpnffqhgenuceu
    rghilhhouhhtmecufedttdenucesvcftvggtihhpihgvnhhtshculddquddttddmnecujf
    gurhepofggfffhvffkjghfufgtgfesthhqredtredtjeenucfhrhhomhepfdfnrghrrhih
    ucfirghrfhhivghlugdfuceolhgrrhhrhiesghgrrhhfihgvlhguthgvtghhrdgtohhmqe
    enucggtffrrghtthgvrhhnpeffieeivdfhvdeguddttdegteeiueegvefhteehfeeffeet
    udeitdehtdegjeeuieenucevlhhushhtvghrufhiiigvpedtnecurfgrrhgrmhepmhgrih
    hlfhhrohhmpehlrghrrhihsehgrghrfhhivghlughtvggthhdrtghomhdpnhgspghrtghp
    thhtohepuddpmhhouggvpehsmhhtphhouhhtpdhrtghpthhtohepihhnthgvrhhnrghlsh
    eslhhishhtshdrphhhphdrnhgvth
X-ME-Proxy: <xmx:ZLQQabaujjzsxne2UQ_zVJEYK0dUM_7Ir5RrTKbhCsQomDNk2vScvA>
    <xmx:ZLQQaaVo9UWWdMaDeU2jKut87JOueOX2C8ssGyOQl2n86Cs-9ORGjw>
    <xmx:ZLQQaa3BwnQ0L17SgnpSkrvN5HN5l7dCRZKmZXoWhK7eaI3k6TTYvA>
    <xmx:ZLQQaZbRFAQPI_3hiBEQxo7KFRhunVfFbjIzasizVvO88xMrKuQHAQ>
    <xmx:ZLQQacnLJ1CVh0OYCn7YN2tzcdcIppli0T3oL1RZ9deNWS8hdyGLiR0U>
Feedback-ID: i8414410d:Fastmail
Received: by mailuser.phl.internal (Postfix, from userid 501)
	id 5FF08700065; Sun,  9 Nov 2025 10:33:56 -0500 (EST)
X-Mailer: MessagingEngine.com Webmail Interface
Precedence: list
list-help: <mailto:internals+help@lists.php.net>
list-unsubscribe: <mailto:internals+unsubscribe@lists.php.net>
list-post: <mailto:internals@lists.php.net>
List-Id: <internals.lists.php.net>
x-ms-reactions: disallow
MIME-Version: 1.0
X-ThreadId: AlPXMw7XXwTo
Date: Sun, 09 Nov 2025 09:33:36 -0600
To: "php internals" <internals@lists.php.net>
Message-ID: <8978174c-04fc-451a-8bf5-cb7c54346318@app.fastmail.com>
In-Reply-To: <2d9f8f1d-e568-4bb5-b30c-0a9e54a8f5fe@rwec.co.uk>
References: <e21b1992-d426-46cd-b86a-6d6a5844c934@app.fastmail.com>
 <f1f694d7-d494-45c5-a4e4-fb39809d3b67@rwec.co.uk>
 <c0bfa15e-1df2-4d87-8092-2531b2bafcb3@app.fastmail.com>
 <72f90052-fa19-415c-9f5a-ae75275fd030@rwec.co.uk>
 <be5c97b7-430d-4d4e-b413-b331c85816e1@app.fastmail.com>
 <2d9f8f1d-e568-4bb5-b30c-0a9e54a8f5fe@rwec.co.uk>
Subject: Re: [PHP-DEV] RFC: Namespace-Scoped Visibility for Methods and Properties
Content-Type: text/plain; charset=utf-8
Content-Transfer-Encoding: quoted-printable
From: larry@garfieldtech.com ("Larry Garfield")

On Sat, Nov 8, 2025, at 5:13 PM, Rowan Tommins [IMSoP] wrote:
> On 08/11/2025 21:56, Rob Landers wrote:

>> One advantage of keeping this RFC small is that it can be expanded=20
>> later without a BC break. For example, prefix matching (maybe=20
>> something like `private(namespace: Acme\AuthLib)`) or a=20
>> protected-namespace variant could be layered on top if the community=20
>> wants to go in that direction.
>
> That's a reasonable argument, but the risk is that if we don't conside=
r=20
> what that future scope would look like, we can end up with syntax or=20
> semantics that makes our lives unnecessarily difficult later. As I=20
> understand it, this happened to some extent with the "readonly" keywor=
d.

Exactly the example I was thinking of. :-)  "Junior version first" appro=
aches sometimes work out (FCC doesn't seem to have caused issues for PFA=
 in practice), and other times not (readonly was a major PITA for aviz, =
and even delayed it for a release as we figured out how they should inte=
ract).  I'd much rather know what the "full solution" looks like and pla=
n for it, even if it's in incremental steps, than throw a junior version=
 at the wall and hope for the best.

>> This RFC isn=E2=80=99t intended to solve the entire space; it=E2=80=99=
s the smallest=20
>> useful step that seems to fairly cleanly fit into PHP=E2=80=99s curre=
nt model=20
>> without too much churn on the engine.
>
> I think my fundamental question is: is it actually that useful? How=20
> often, in practice, do people want exact namespace matching, vs=20
> something more flexible?

In practice, the extra-class boundary I most often want is "my composer =
package."  I rarely need to protect things beyond that.

I am broadly in favor of extra-class visibility controls, whether they g=
o through a module system or something else.  Whether the current RFC is=
 a good way of doing so, I am not convinced.

In particular, the syntax is a hard-no.  It runs contrary to how the avi=
z syntax was defined, as others have already noted.

If you don't want to use `internal(set)` to save `internal` for some oth=
er use, that's fine.  Come up with a different keyword. :-)  But <allowe=
d scope>(<operation>) is the syntax model that aviz established, and tos=
sing extra parens in there just confuses things for everyone.

If it really does need to be an entirely separate dimension of scoping, =
then I would argue it's too complex to capture in just keywords and Rowa=
n's attribute proposal becomes even more compelling.

That said, I'm not convinced it is a separate dimension yet.  I'd put "n=
sviz" between public and protected, not protected and private.  The assu=
mption is that your "allowed" scope is something you control.  So if you=
 don't want to use that property from child classes in your own namespac=
e... just don't.  If you don't want to allow it to be used by child clas=
ses in another namespace... then nsviz(get) solves that problem.


I will also note that while it's typical for namespace and file path to =
be 1:1, there's nothing that requires it.  That means any strictly names=
pace-based visibility is trivial to bypass.

For example:


// vendor/foo/bar/Baz.php

namespace Foo\Bar\Baz;

class Careful {
  nsviz string $secret;
}

// /app/User.php

namespace Foo\Bar;

class Invader {
  public function hax(Careful $c): string {=20
    return $c->secret;
 }
}

namespace App;

class User {
  public function doStuff(Careful $c) {
    $secret =3D new Foo\Bar\Invader($c)->hax();
   // Boom, we've read the value.
  }
}


Whether that is a design flaw or a feature is, I suppose, debatable.


--Larry Garfield