Newsgroups: php.internals
Path: news.php.net
Xref: news.php.net php.internals:98901
Return-Path: <php@golemon.com>
Mailing-List: contact internals-help@lists.php.net; run by ezmlm
Delivered-To: mailing list internals@lists.php.net
Received: (qmail 94535 invoked from network); 28 Apr 2017 21:30:43 -0000
Received: from unknown (HELO lists.php.net) (127.0.0.1)
  by localhost with SMTP; 28 Apr 2017 21:30:43 -0000
Authentication-Results: pb1.pair.com smtp.mail=php@golemon.com; spf=softfail; sender-id=softfail
Authentication-Results: pb1.pair.com header.from=php@golemon.com; sender-id=softfail
Received-SPF: softfail (pb1.pair.com: domain golemon.com does not designate 209.85.128.179 as permitted sender)
X-PHP-List-Original-Sender: php@golemon.com
X-Host-Fingerprint: 209.85.128.179 mail-wr0-f179.google.com  
Received: from [209.85.128.179] ([209.85.128.179:34066] helo=mail-wr0-f179.google.com)
	by pb1.pair.com (ecelerity 2.1.1.9-wez r(12769M)) with ESMTP
	id 18/42-01540-084B3095 for <internals@lists.php.net>; Fri, 28 Apr 2017 17:30:42 -0400
Received: by mail-wr0-f179.google.com with SMTP id l9so39954800wre.1
        for <internals@lists.php.net>; Fri, 28 Apr 2017 14:30:39 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
        d=golemon-com.20150623.gappssmtp.com; s=20150623;
        h=mime-version:sender:in-reply-to:references:from:date:message-id
         :subject:to:cc;
        bh=sIkNFpUJjV64wPWmCQLGzQfdhwoH4wpQroYWe/3hzp0=;
        b=xc432u7LTPbDMfnCVoMs4xV/7ANP/NNzpe4lP+6I85SOH28uP3gNexWw2iR7jY9wz+
         nu57Fw1AhF4cfQI9h+YvYMCXluc7386O4A8Vv6sDrOa/y9qVkyU24nCf5cUPUc1PaZ16
         Ozzh3CnZ/m8yfXFmiaEpb06CXSLvU/ybLdEKgdNB4rTXgVj9krp6x8oz/stScQacqQV7
         YQedQT8637KTqQthChnXAwKG6/J7O+7Ez9az2OjAabZ0eCqWAvjhMQ16laHaGFJhWeNq
         h8I3W9BQ4L0M7qsHmxKi70DsOvadRsaOkiNCupGvnXMCevlwttE1TtJ0LDdaws1h9XCF
         P3fA==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
        d=1e100.net; s=20161025;
        h=x-gm-message-state:mime-version:sender:in-reply-to:references:from
         :date:message-id:subject:to:cc;
        bh=sIkNFpUJjV64wPWmCQLGzQfdhwoH4wpQroYWe/3hzp0=;
        b=MvvhUb49shc1oBf8Es5OAfCnJnEXENASgqWRzusgAUn8Rh1rKEhayjaKkNBkaQ/7VB
         2I+81TS42D49/KP33c3JiAv8FYjGE70jOBIYf2MBR8Z8jLm7TvCRzUD3wfUW+4hpB2Vo
         Tz4mKOg5McVtYlWgrnIm8JSMKPisNxCteMjhxW9AmKP3vFVfD0qatF0DcQDpqWLxLOqA
         NGDQOzsKU724SiaMGK1L+572BKI8xqZeenUmfUCnIHj2fK0MGFZgbtvUjbG8BQXLd7Yf
         SlqV0qYs1ZMmSxDp7VyPwv6dKSHQDBhxwVpJOKQiCoZgcMflaAELIBRoj6SfQb+UBB4L
         DcVg==
X-Gm-Message-State: AN3rC/6nBQ9rC4QqKzNQZuFlTSLFucj8auSu18c+TkS3rjpFptU6ridA
	ZWI/UcgnyZlH5et8RPVbBAyKX2JDxw==
X-Received: by 10.223.178.18 with SMTP id u18mr8719707wra.179.1493415036765;
 Fri, 28 Apr 2017 14:30:36 -0700 (PDT)
MIME-Version: 1.0
Sender: php@golemon.com
Received: by 10.223.157.38 with HTTP; Fri, 28 Apr 2017 14:30:35 -0700 (PDT)
X-Originating-IP: [73.9.224.155]
In-Reply-To: <398456D8-170A-4629-B6FF-D64F6DDB9C9A@gmail.com>
References: <CAJaRsPsfWtKbke8VvM-na=vCm0E6T62gmamj2V8sJiHRFB7FLQ@mail.gmail.com>
 <c34c89e3-41d7-afd0-e41a-34d037471603@fischer.name> <CAESVnVogVsYTUvyOt3_nDPMNR8jeyt2vvV=RByJ1C9FP1nVOZQ@mail.gmail.com>
 <398456D8-170A-4629-B6FF-D64F6DDB9C9A@gmail.com>
Date: Fri, 28 Apr 2017 16:30:35 -0500
X-Google-Sender-Auth: gMAkg_EGSQJ3CkoVdZ8MeOhHQ_8
Message-ID: <CAESVnVqWHD6mf6oxO9n+WcaMCXOJWfob=ikKNGy-v4KwnGoz-A@mail.gmail.com>
To: Rowan Collins <rowan.collins@gmail.com>
Cc: PHP internals <internals@lists.php.net>
Content-Type: text/plain; charset=UTF-8
Subject: Re: [PHP-DEV] [RFC] Enable strict_types checking for curl_setopt()
From: pollita@php.net (Sara Golemon)

On Fri, Apr 28, 2017 at 2:29 PM, Rowan Collins <rowan.collins@gmail.com> wrote:
> On 28 April 2017 18:54:09 BST, Sara Golemon <pollita@php.net> wrote:
>>On Fri, Apr 28, 2017 at 9:34 AM, Markus Fischer <markus@fischer.name>
>>wrote:
>>> To me the intention of strict types is clearly on the functions
>>publicly
>>> visible contract, i.e. it's reflectable parameters and not some
>>business
>>> logic hidden inside a function.
>>>
>>So you feel that declare(strict_types=1); should never apply to
>>internal functions?
>
> I don't see that assertion implied in any of the objections on this thread.
>
It's implied by the statement of yours that I quoted. "To me the
intention of strict types is clearly on the functions publicly visible
contract, i.e. it's reflectable parameters and not some business logic
hidden inside a function."

Internal functions do not have reflectable type hints (apart from
array and object), ergo by your criteria you feel that strict types
does not apply.  Your words.

> The objection is that type checking currently only occurs at function boundaries:
> their signatures are matched against provided parameters, and their return
> declarations against returned values. The entire feature is equivalent to the
> compiler injecting either casts (weak mode) or assertions (strict mode) at the
> beginning and end of function definitions, *and nowhere else*.
>
But that isn't how strict type enforcement works in internal
functions.  I realize I'm being pedantic here, but since the objection
is on semantics grounds, I feel I must apply the same standards of
semantics to the counter argument.

The state of the PR at the moment is to apply function-entrance
criteria to arguments, the only thing which makes it (somewhat)
special is the degree of deferment from the C function entry till the
types are checked.  I say "somewhat", because it is not unique in this
regard, many internal functions apply varying signatures based on
initial argument and/or number of arguments.  See pg_*() functions for
my favorite example of this, though there are several examples in
standard as well.

> This RFC introduces a check at a different point in the function:
> after the parameters have been examined, based not on the
> signature of the function, but an internal set of rules.
>
Repeat; See above, this is not unique.

> Notably, this is not a type of check that could be made in a userland function -
> or, rather, it would have to be made unconditionally, since the strict_types setting
> is explicitly invisible to the callee.
>
Agreed, but userland and internal functions are not created equal and
this behavior is still not without precedent.

> So, while I agree that checking the argument types for curl_setopt() is highly desirable,
> I am sympathetic to the argument that strict_types should not alter those checks.
>
We disagree.

> That leaves us with either checking the types unconditionally (a significantly breaking change)
> or introducing a new, type-safe, API.
>
It also leaves us with the third option of what is presented by the
PR.  You do not have absolute veto.

> That could mean a small but awkward set of type overloads
> (setBool, setInt, etc), or a large set of named setters
> (setReturnTransfer, setHeaders, etc) which could use
> normal parameter hinting to interact with strict_types.
>
Eww. Eww. And eew.

I reject the idea of making a worse API for the sake of an artificial
purity standard which has long since been violated elsewhere.

> As I mentioned, I think the entire PHP curl API is unnecessarily complicated
> to use, and the overloading of parameter types in curl_setopt actually
> contributes to this rather than simplifying anything.
>
I agree that the overloading of the curl_setopt() function is the
cause of a problem.  I just disagree that allowing opt-in validation
of those types fails to solve it.

-Sara