This has been accepted and merged. Thanks everyone.
On Sun, Mar 5, 2023 at 4:12 PM Bruce Tate <br...@grox.io> wrote:
> This change would be a most welcome one. Sigils are going to be more
> important as Elixir expands into new domains, and it's helpful to have
> clues to what each sigil does.
>
> The restrictions to upper case seem to be reasonable ones.
>
> -bt
>
> On Sat, Mar 4, 2023 at 3:15 AM José Valim <jose.va...@dashbit.co> wrote:
>
>> Sigils in Elixir are currently limited to a single letter. We had many
>> discussions in the past about allowing more letters but they were
>> ultimately rejected because of lowercase sigils.
>>
>> The issue with multi-letter lowercase sigils is that:
>>
>> 1. they are ambiguous to humans
>> 2. they are ambiguous to machines
>> 3. they may have security implications
>>
>> For instance, I would say that sigils in Elixir have quite distinctive
>> features:
>>
>> var = ~w"foo"
>> var = ~w[bar]
>>
>> Tilde, a letter, and the content surrounded by terminators. However,
>> given how most identifiers in the language are lowercase, I think using a
>> multi-letter starts to become less clear. For example, imagine we supported
>> a sigil named opts:
>>
>> var = ~opts[bar]
>>
>> That's awfully close to:
>>
>> var =~ opts[bar]
>>
>> Which would in fact be ambiguous at the parser level.
>>
>> The other aspect is that security recommendations suggest different
>> interpolations to be used for different aspects. For example, imagine
>> someone wants to implement a SQL query sigil that automatically escapes
>> characters. Today, one could write this:
>>
>> ~q"""
>> SELECT * FROM posts WHERE id = #{id}
>> """
>>
>> And that would be safe! But the fact we are using interpolation means
>> someone can simply forget the ~q at the front and write an _unsafe_ query.
>> It would be much better if the interpolation is different altogether:
>>
>> ~SQL"""
>> SELECT * FROM posts WHERE id = {{id}}
>> """
>>
>> On one hand, it may feel inconsistent to have different ways to
>> interpolate, but at the same time it is reasonable to use different
>> mechanisms when different behaviours and security trade-offs are involved.
>> Especially because #{...} typically means string conversion and that's not
>> the case for SQL queries (it is simply parameter placement).
>>
>> With all of this in mind, the suggestion is to allow only multi-letter
>> uppercase sigils. Most sigils are uppercase anyway:
>>
>> 1. Elixir defines 4 lowercase sigils (~r, ~s, ~w, and ~c) but 8 uppercase
>> ones (the four previous plus ~T, ~D, ~N, ~U for datetimes)
>> 2. Nx uses ~V and ~M for vectors and matrices respectively
>> 3. LiveView uses ~H, Surface uses ~F, and LiveView Native will need at
>> least two uppercase sigils for Swift UI and Jetpack Compose
>>
>> Therefore, I would like to propose for multi-letter uppercase only sigils
>> to be introduced and be, from now on, the recommendation for new libraries.
>> This means we won't deprecate ~T, ~D, ~N, ~U in Elixir, but there is still
>> time to rewrite ~V and ~M in Nx to ~VEC and ~MAT. LiveView and Surface can
>> decide if they want to migrate or not, ~SF may be a better choice for the
>> latter, but LiveView Native can choose to support, for example, between
>> ~JETPACK or ~JC if it prefers an abbreviation.
>>
>> Looking forward to feedback,
>>
>>
>>
>> --
>> You received this message because you are subscribed to the Google Groups
>> "elixir-lang-core" group.
>> To unsubscribe from this group and stop receiving emails from it, send an
>> email to elixir-lang-core+unsubscr...@googlegroups.com.
>> To view this discussion on the web visit
>> https://groups.google.com/d/msgid/elixir-lang-core/CAGnRm4KTx%2BYW02gQLvH-ihyhgv6dAhjrwSEdhP81niuvjrWfTg%40mail.gmail.com
>> <https://groups.google.com/d/msgid/elixir-lang-core/CAGnRm4KTx%2BYW02gQLvH-ihyhgv6dAhjrwSEdhP81niuvjrWfTg%40mail.gmail.com?utm_medium=email&utm_source=footer>
>> .
>>
>
>
> --
>
> Regards,
> Bruce Tate
> CEO
>
>
> <https://bowtie.mailbutler.io/tracking/hit/f8218219-d2a8-4de4-9fef-1cdde6e723f6/c7c97460-016e-45fb-a4ab-0a70318c7b97>
>
> Groxio, LLC.
> 512.799.9366
> br...@grox.io
> grox.io
>
> --
> You received this message because you are subscribed to the Google Groups
> "elixir-lang-core" group.
> To unsubscribe from this group and stop receiving emails from it, send an
> email to elixir-lang-core+unsubscr...@googlegroups.com.
> To view this discussion on the web visit
> https://groups.google.com/d/msgid/elixir-lang-core/CAFXvW-6_r_vqo6ccXHT79JQO1RdaLOwdanfSqN7VsxZRWACm_g%40mail.gmail.com
> <https://groups.google.com/d/msgid/elixir-lang-core/CAFXvW-6_r_vqo6ccXHT79JQO1RdaLOwdanfSqN7VsxZRWACm_g%40mail.gmail.com?utm_medium=email&utm_source=footer>
> .
>
--
You received this message because you are subscribed to the Google Groups
"elixir-lang-core" group.
To unsubscribe from this group and stop receiving emails from it, send an email
to elixir-lang-core+unsubscr...@googlegroups.com.
To view this discussion on the web visit
https://groups.google.com/d/msgid/elixir-lang-core/CAGnRm4KpFjfCcihO3mVPMccnyT3ToQiSS49A44AkVUQDgrd%3D%2BQ%40mail.gmail.com.
