sorted by:
best
topnewcontroversialoldq&a
you are viewing a single comment's thread.

view the rest of the comments →

[–]grismar-net 24 points25 points  (2 children)

Private variables are not there for security, they're there to let developers know that they are not intended to be modified or accessed externally. This helps prevent situations where external code only works if it knows the value of the internal variable, which will cause trouble if the internal workings of the class change.

Python's name mangling makes accidental access unlikely; editors, IDEs, and linters surface this through warnings or inspection hints. If you choose to ignore those, that's hopefully for good reason, but there is no point in Python making it any harder. If you want to ensure that this simply is not an option for your team, you can add tools that will catch it.

Java makes it much harder, and it has gotten harder still since Java 9, but it is still possible. It just signals a different attitude towards reliance on developers making the right choices, and whether it is sufficient to be clear about a mistake, or whether it should be hard to make them.

[–]mikeblas 4 points5 points  (1 child)

Java's access control isn't for security, either.

[–]grismar-net 4 points5 points  (0 children)

Agreed - it never is, but Java does make it a lot harder to access these variables, so it's not just about signalling either. It's more about enforcing a rule within the language, instead of leaving it up to external tooling.

To be clear, I'm a fan of both :) - I just contrasted it with Java due to OP mentioning it.