interpolation proposals and safety
Adam D Ruppe
destructionator at gmail.com
Fri Aug 30 13:46:48 UTC 2024
On Friday, 30 August 2024 at 11:18:10 UTC, kdevel wrote:
> Ideally compilation of such unadorned writes would fail.
for what its worth, after starting to use this more, I'm actually
inclined to agree with you.
The idea behind 1036e is that it allows the language to provide
the pieces that library authors can use to make things that do
the right thing. Two existing library functions work with it out
of the box in a reasonably good way: std.conv.text and
std.stdio.writeln.
I've seen people in the wild using std.conv.text to do things
like make sql queries - exactly what you're not supposed to do.
We want some way to do a toString, but it should be a bit of a
pain: doing it the right thing should be the easy way. Some of
this is just because library support is still a bit immature - I
still haven't even put it in place in all the places arsd wants
it - but part of it means committing to the change too.
So like we currently have `db.query(string, args...)` and...
maybe that should be deprecated, so people stop trying to do
`db.query(text(istring))`. Maybe text(istring) itself should be
deprecated. It is some breakage though that requires users update
their compiler so that makes it more complicated. Also, you
sometimes DO want a runtime string, so it probably more of a
rename than a remove.
I didn't think about using writeln directly in a cgi context.
There's MUCH better ways to make cgi programs! And much better
ways to construct html too. And those libraries tend to make you
be more careful with these cases. But indeed, writeln bypasses
all that. I do think this is a harder case though... outright
banning writeln in these cases isn't super realistic so the
question is where you balance people's capability of doing it
wrong with the flexibility to build anything on top at all.
A lot of it comes back to making the better way the easy way: use
my cgi library, and `cgi.write(i"istring")` is a compile error.
But it still doesn't prevent you from bypassing the library and
doing it wrong. Still, my feeling is if you make the right way
just as easy as the wrong way, at least it helps point people the
right way.
More information about the Digitalmars-d
mailing list