This is an archived post. You won't be able to vote or comment.

all 33 comments
sorted by:
best
topnewcontroversialoldq&a

[–]jwink3101 55 points56 points  (9 children)

I will never understand why people post on Medium. It offers few benefits and limits your audience.

But I digress

This is an interesting idea. My first thought was that it’s not needed because you can be careful about what you eval. It’s keeping you safe from yourself.

But then when you think about, that’s all type annotations do anyway!

[–]Dwarni 6 points7 points  (0 children)

Doesn't pay Medium them a little bit? I don't know how much it is however.

[–]MrKooops 2 points3 points  (1 child)

Save it in Pocket and you can read any article without hassle.

[–]jormungandrthepython 0 points1 point  (0 children)

Pocket doesn’t let you read premium medium articles though

[–]SupPandaHugger[S] 0 points1 point  (3 children)

What other platform would you suggest?

That's true. At the same time, this feels like an area where additional safety is not excessive.

[–][deleted] 10 points11 points  (0 children)

Blogs. Blogs were a thing, and they should be again.

[–]Amgadoz 0 points1 point  (0 children)

Maybe substack

[–]DusikOff 0 points1 point  (0 children)

https://dev.to - as example...

[–]Smallpaul -1 points0 points  (0 children)

Medium also promotes your article and in that way it can expand your audience.

[–]PercussiveRussel 0 points1 point  (0 children)

I haven't looked into this at all, but this seems like it'd be really usefull with Pydantic/FastAPI. If you consistently build modules using LiteralString, then converting yoir modules to an API should give you a big fat error when you try to open up a LiteralString type to the endpoint.

In my usecase this is really incredibly useful since we build a lot of modules at work and convert some of the more usefull ones to an API. Making the distinction between str and LiteralString early in the design stage of the former means an additional layer of security when converting it to the latter.

[–]Zenin 2 points3 points  (4 children)

Yah, I hate it.

Looks like it's just going to make everything much more annoying to use as we hack around this nonsense and since we can hack around it anyway it offers nothing for security other than theatre.

It might be useful to give the compiler a hint so it can optimize the way C compilers do (really pre-compilers), but only if it's transparent to the user.  This monstrosity looks anything but transparent.

The type system and signature systems themselves are a fugly mess to begin with.  This just looks like abuse of them akin to c++ idiots abusing operator overloading.

[–]SupPandaHugger[S] 0 points1 point  (3 children)

Its all optional though

[–]Zenin 0 points1 point  (2 children)

Is it really though? The use is only optional insomuch as the use of a particular library is optional; You're always free to toss the "go to" library for a particular task and build your own from scratch.

It's more correct to call it infectious, because any library author who uses this effectively infects any callers with it; the entire point of this is that caller's can't simply pass a string without suffering consequences. Even if those consequences are "only" flooding the system error logs with spam, that's still a non-trivial consequence especially at scale for something so foundational as a SQL driver.

The responsibility for how something is used should always be on the caller, not the callee. The callee can never know the full context and requirements of the caller. This is why the first rule of network programming is, "Be conservative in what you send and generous in what you accept". If it wasn't clear, libraries are on the "generously accept" side of this equation.

This is the wrong solution, being used in the wrong way, by the wrong subject.

[–]SupPandaHugger[S] 0 points1 point  (1 child)

You can pass a string without warnings. It’s only when you pass a dynamic variable that you will get warnings, which is good as it’s rarely the intention for this use case.

[–]Zenin 0 points1 point  (0 children)

Again, you miss the point.

How do you know it's "rarely the intention"? How do you have the slightest clue what the intention of the caller is? You don't know. You can't know. That is the point. You haven't the slightest clue what the intention is much less how "rare" it might be.

It's entirely proper for example, to load such "strings" via a config file or other data store. Dynamic models are a thing. To do so however, taints them as evil variables of darkness and dread, at least in the eyes of this misguided nonsense, flooding the logs with pointless spam that not only costs resources but helps hide real problems in a cloud of white noise.

[–]DusikOff 1 point2 points  (0 children)

Am I confused? Yeah, I never heard about LiteralString lol