[Bug 23532] Dealing with undefined

https://www.w3.org/Bugs/Public/show_bug.cgi?id=23532

--- Comment #32 from Allen Wirfs-Brock <allen@wirfs-brock.com> ---
(In reply to James Graham from comment #31)
> (In reply to Erik Arvidsson from comment #30)
> > Also, whether WebIDL has a more useful behavior is debatable. I haven't seen
> > many (any?) JS libraries follow WebIDL.
> 
> That data would also fit the hypothesis that argument validation is too hard
> to do in JS and people are lazy so don't bother. Given that it is easy to
> make a case that throwing is preferable for API users but no one has even
> attempted to make a case, other than consistency, why not throwing might be
> preferable, I think my alternative hypothesis is significantly more likely.

Step right up.  I've explained this many times to many people but will happily
do it again.

Excess parameter validation is a well known anti-pattern among experienced
dynamic language programmers. It results in code bloat and sometimes
performance issues.

The code bloat is the occurrence of explicit "type" guards that occur over and
over again in every functions. The majority of these are redundant and
unnecessary because, if they really matter for safety (memory or operational),
then the language guarantees the downstream primitive use of the value will
perform the necessary safety checks.  

The performance issue, is that all of these checks are completely unnecessary,
in a well tested  program. In such a program all values will validate correct,
so they add nothing to the actual computational purpose of a function. Put a
lot of these in a hot loop and you have a perf problem.

So when should a function (coded in a dynamic language) perform explicit
parameter validation?  Only when the validation is necessary for maintaining
essential invariants that the function is directly responsible for maintaining
and even then only as a guard on the actual operations that are sensitive to
the value.  Also, never explicitly validate something that is going to be
validate by a primitive operation.

If you are just passing a parameter value on to another function, don't
validate. The function you are calling should perform the validation if it is
necessary for it to maintain its invariants. But more like than not, it also
will just pass the value on and won't need to validate either.

So, aren't APIs special in ways that require that everything must be validate? 
Sometimes, but certainly not always. (See
http://www.wirfs-brock.com/allen/posts/379 for a deeper exploration of this
question).  Many web platform APIs are just routine functions that are not
special in any way and don't require any dynamic parameter validation.

-- 
You are receiving this mail because:
You are the QA Contact for the bug.

Received on Thursday, 24 October 2013 17:37:23 UTC