Newsgroups: php.internals Path: news.php.net Xref: news.php.net php.internals:130389 X-Original-To: internals@lists.php.net Delivered-To: internals@lists.php.net Received: from php-smtp4.php.net (php-smtp4.php.net [45.112.84.5]) by lists.php.net (Postfix) with ESMTPS id 094691A00BC for ; Wed, 18 Mar 2026 12:20:28 +0000 (UTC) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=php.net; s=mail; t=1773836432; bh=pXqbbdnz3l+bwZ8UasAXbLa+DmWQuCvNZbPEn2IZBFk=; h=Date:To:From:Cc:Subject:In-Reply-To:References:From; b=Is4FMASU/eR+WNG7qZ1zU2u/RTN/3TtpnyhqAs6fDyZn9Go0ow7z3t+x2eV1ZnTs3 Y4+tM6bwIWZJ9J/gRYk7UMEh/6MnkbvS/S/w8jEKWkUXy1Hp7Ham2yh6noP2VywPNz Q8/6SPmZ00tlW+sKdnzKOPjRgRxGXmQIUgf1bcPwVdD1m2mDLVXHOxIqHwr2AxYOye IwwDwkM0VxRz5p+e0NMsJVMVvxFIm1Qy/o3ya8B8GQ7BS0Dqt7eBT/kx99KAdvtSx8 X2yBo9Qrd2ytRr8XpaN9Z1cd6uZNeC1YEzMQgU1J5/Dfe9VEOw6fa3wxjrsYm0xcZS QIdClVTFXPR3w== Received: from php-smtp4.php.net (localhost [127.0.0.1]) by php-smtp4.php.net (Postfix) with ESMTP id 7EED5180068 for ; Wed, 18 Mar 2026 12:20:30 +0000 (UTC) X-Spam-Checker-Version: SpamAssassin 4.0.1 (2024-03-25) on php-smtp4.php.net X-Spam-Level: X-Spam-Status: No, score=-0.1 required=5.0 tests=BAYES_50,DKIM_SIGNED, DKIM_VALID,DKIM_VALID_AU,DKIM_VALID_EF,DMARC_PASS,RCVD_IN_DNSWL_LOW, SPF_HELO_PASS,SPF_PASS autolearn=no autolearn_force=no version=4.0.1 X-Spam-Virus: No X-Envelope-From: Received: from mail-106105.protonmail.ch (mail-106105.protonmail.ch [79.135.106.105]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (2048 bits) server-digest SHA256) (No client certificate requested) by php-smtp4.php.net (Postfix) with ESMTPS for ; Wed, 18 Mar 2026 12:20:30 +0000 (UTC) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gpb.moe; s=protonmail2; t=1773836422; x=1774095622; bh=pXqbbdnz3l+bwZ8UasAXbLa+DmWQuCvNZbPEn2IZBFk=; h=Date:To:From:Cc:Subject:Message-ID:In-Reply-To:References: Feedback-ID:From:To:Cc:Date:Subject:Reply-To:Feedback-ID: Message-ID:BIMI-Selector; b=ndooQsd/UbabDagvkwt1baOYTp53SH7HwqNBpIJ2iywvLcwTDiRSERD8kk6HSBSOG rcWCSot8QjAFAjhBA9dOUpTcnsK1z+Fsk1z/XU11v0khJQUo0aK8JhcnT8KCNlo/Zb WWD58Xlb+oVc7v1LcOenHbQ6M26GNf6s2gCmad2DgF4kogHuUvhMed8s7E60ujyCl8 yKpoHDfYUXUZeR/TynlYPsSoiS6BuMH3mV+lcGmWcs2Vb+QvQRnrcU33IOJsbCn9jv 6ZdFw50dWctNEoGGoXnU2dGMUXjXZuEffp+ZcUYQryD+oIs/x0/MjhT8V+IzDWyghL aT+AoJnMEv1Eg== Date: Wed, 18 Mar 2026 12:20:18 +0000 To: Kamil Tekiela Cc: PHP internals Subject: Re: [PHP-DEV] [RFC] Exempt input type and value validation from BC Break policy Message-ID: In-Reply-To: References: <650FCF24-CDBD-4F37-BA50-6D691EE3E3E1@cschneid.com> Feedback-ID: 96993444:user:proton X-Pm-Message-ID: cf2312484bf8656c9937dce496d34d76b0c5b368 Precedence: list list-help: list-unsubscribe: list-post: List-Id: x-ms-reactions: disallow MIME-Version: 1.0 Content-Type: text/plain; charset=utf-8 Content-Transfer-Encoding: quoted-printable From: internals@gpb.moe ("Gina P. Banyard") On Monday, 9 March 2026 at 13:53, Kamil Tekiela wrot= e: > [...] >=20 > I am, however, concerned about one thing. If we don't require RFCs > there may be situations when a contentious validation is introduced. > For example, many validations can be implemented in such a way that > they don't cause additional performance loss, but let's say someone > decides that validating the value provides more benefit than the > performance cost. Without RFC, the community cannot share their > feedback, and one person's opinion wins. But if the function is used > with the correct values 99.99% of the time and it's used in the hot > code, the performance cost isn't worth catching the accidental invalid > value. I don't think this concern is warranted in practice for at least 2 reasons: - The majority of those functions are not going to be purely computational = functions and are tied to some I/O operation - These input checking guards should be wrapped in UNEXPECTED() hinting to = the CPU that they should optimize for this branch not to be taken Best regards, Gina P. Banyard