This has been accepted and merged. Thanks everyone. On Sun, Mar 5, 2023 at 4:12 PM Bruce Tate <br...@grox.io> wrote:
> This change would be a most welcome one. Sigils are going to be more > important as Elixir expands into new domains, and it's helpful to have > clues to what each sigil does. > > The restrictions to upper case seem to be reasonable ones. > > -bt > > On Sat, Mar 4, 2023 at 3:15 AM José Valim <jose.va...@dashbit.co> wrote: > >> Sigils in Elixir are currently limited to a single letter. We had many >> discussions in the past about allowing more letters but they were >> ultimately rejected because of lowercase sigils. >> >> The issue with multi-letter lowercase sigils is that: >> >> 1. they are ambiguous to humans >> 2. they are ambiguous to machines >> 3. they may have security implications >> >> For instance, I would say that sigils in Elixir have quite distinctive >> features: >> >> var = ~w"foo" >> var = ~w[bar] >> >> Tilde, a letter, and the content surrounded by terminators. However, >> given how most identifiers in the language are lowercase, I think using a >> multi-letter starts to become less clear. For example, imagine we supported >> a sigil named opts: >> >> var = ~opts[bar] >> >> That's awfully close to: >> >> var =~ opts[bar] >> >> Which would in fact be ambiguous at the parser level. >> >> The other aspect is that security recommendations suggest different >> interpolations to be used for different aspects. For example, imagine >> someone wants to implement a SQL query sigil that automatically escapes >> characters. Today, one could write this: >> >> ~q""" >> SELECT * FROM posts WHERE id = #{id} >> """ >> >> And that would be safe! But the fact we are using interpolation means >> someone can simply forget the ~q at the front and write an _unsafe_ query. >> It would be much better if the interpolation is different altogether: >> >> ~SQL""" >> SELECT * FROM posts WHERE id = {{id}} >> """ >> >> On one hand, it may feel inconsistent to have different ways to >> interpolate, but at the same time it is reasonable to use different >> mechanisms when different behaviours and security trade-offs are involved. >> Especially because #{...} typically means string conversion and that's not >> the case for SQL queries (it is simply parameter placement). >> >> With all of this in mind, the suggestion is to allow only multi-letter >> uppercase sigils. Most sigils are uppercase anyway: >> >> 1. Elixir defines 4 lowercase sigils (~r, ~s, ~w, and ~c) but 8 uppercase >> ones (the four previous plus ~T, ~D, ~N, ~U for datetimes) >> 2. Nx uses ~V and ~M for vectors and matrices respectively >> 3. LiveView uses ~H, Surface uses ~F, and LiveView Native will need at >> least two uppercase sigils for Swift UI and Jetpack Compose >> >> Therefore, I would like to propose for multi-letter uppercase only sigils >> to be introduced and be, from now on, the recommendation for new libraries. >> This means we won't deprecate ~T, ~D, ~N, ~U in Elixir, but there is still >> time to rewrite ~V and ~M in Nx to ~VEC and ~MAT. LiveView and Surface can >> decide if they want to migrate or not, ~SF may be a better choice for the >> latter, but LiveView Native can choose to support, for example, between >> ~JETPACK or ~JC if it prefers an abbreviation. >> >> Looking forward to feedback, >> >> >> >> -- >> You received this message because you are subscribed to the Google Groups >> "elixir-lang-core" group. >> To unsubscribe from this group and stop receiving emails from it, send an >> email to elixir-lang-core+unsubscr...@googlegroups.com. >> To view this discussion on the web visit >> https://groups.google.com/d/msgid/elixir-lang-core/CAGnRm4KTx%2BYW02gQLvH-ihyhgv6dAhjrwSEdhP81niuvjrWfTg%40mail.gmail.com >> <https://groups.google.com/d/msgid/elixir-lang-core/CAGnRm4KTx%2BYW02gQLvH-ihyhgv6dAhjrwSEdhP81niuvjrWfTg%40mail.gmail.com?utm_medium=email&utm_source=footer> >> . >> > > > -- > > Regards, > Bruce Tate > CEO > > > <https://bowtie.mailbutler.io/tracking/hit/f8218219-d2a8-4de4-9fef-1cdde6e723f6/c7c97460-016e-45fb-a4ab-0a70318c7b97> > > Groxio, LLC. > 512.799.9366 > br...@grox.io > grox.io > > -- > You received this message because you are subscribed to the Google Groups > "elixir-lang-core" group. > To unsubscribe from this group and stop receiving emails from it, send an > email to elixir-lang-core+unsubscr...@googlegroups.com. > To view this discussion on the web visit > https://groups.google.com/d/msgid/elixir-lang-core/CAFXvW-6_r_vqo6ccXHT79JQO1RdaLOwdanfSqN7VsxZRWACm_g%40mail.gmail.com > <https://groups.google.com/d/msgid/elixir-lang-core/CAFXvW-6_r_vqo6ccXHT79JQO1RdaLOwdanfSqN7VsxZRWACm_g%40mail.gmail.com?utm_medium=email&utm_source=footer> > . > -- You received this message because you are subscribed to the Google Groups "elixir-lang-core" group. To unsubscribe from this group and stop receiving emails from it, send an email to elixir-lang-core+unsubscr...@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/elixir-lang-core/CAGnRm4KpFjfCcihO3mVPMccnyT3ToQiSS49A44AkVUQDgrd%3D%2BQ%40mail.gmail.com.