Arbitrary self types v2: shadowing semver break. #15117
Conversation
|
Thanks for the pull request, and welcome! The Rust team is excited to review your changes, and you should hear from @ehuss (or someone else) some time within the next two weeks. Please see the contribution instructions for more information. Namely, in order to ensure the minimum review times lag, PR authors and assigned reviewers should ensure that the review label (
|
rustbot
added
A-documenting-cargo-itself
|
This was requested by @obi1kenobi |
adetaylor
force-pushed
the
shadowing-breakage-doc
branch
from
ecf185b to
480cc46
Compare
|
I'm working a little bit on the code examples here. @rustbot label -S-waiting-on-review +S-waiting-on-author |
rustbot
added
S-waiting-on-author
adetaylor
force-pushed
the
shadowing-breakage-doc
branch
from
480cc46 to
7d0db1c
Compare
|
@rustbot label +S-waiting-on-review -S-waiting-on-author |
rustbot
added
S-waiting-on-review
This is a pre-existing risk of semver breakage for types implementing Deref<Target=T>. It's made more apparent by the arbitrary self types v2 change, and will now generate errors under some circumstances. This PR documents the existing risk and the new ways it can be triggered. If it's seen as desirable to document the existing risk before Arbitrary Self Types v2 is stabilized, we can split this commit up into two. One of the two code examples here is marked "skip" because it depends on the nightly feature which is under discussion for stabilization. Part of rust-lang/rust#44874 Stabilization PR rust-lang/rust#135881
adetaylor
force-pushed
the
shadowing-breakage-doc
branch
from
7d0db1c to
1f44f8e
Compare
| If you have a type which implements `Deref<Target=T>`, you must not add methods | ||
| which may "shadow" methods in `T`. This can lead to unexpected changes in | ||
| program behavior. |
There was a problem hiding this comment.
"must not" is too strong.
This is intentionally done and relied on in a number of cases.
There was a problem hiding this comment.
Would you agree with the statement if I say:
If you have a type which implements Deref<Target=T> for an arbitrary user-controlled T, you must not add methods which may "shadow" methods in T.
I'm quite keen to give a precise hard rule because it will make it easier for the cargo semver folks, if nothing else.
If you still think that's not a true statement, could you give examples of where this is intentionally done and is OK? Some of these cases will turn into hard errors when/if rust-lang/rust#135881 lands.
There was a problem hiding this comment.
I appreciate the precision in the rule — indeed very helpful.
For cargo-semver-checks purposes, the use of "must not" vs a different verb doesn't matter too much. We'll implement the same lint either way, since the goal of the tool is to notify maintainers that something risky / worth a look has happened and not to tie their hands about it. There are legitimate situations where users may ship known-breaking changes in non-major releases, and that's fine. We look to prevent unknown-breaking changes from happening.
There was a problem hiding this comment.
@obi1kenobi @workingjubilee I'd appreciate a little more advice here about how to resolve this concern.
There was a problem hiding this comment.
I'm fine with whatever @adetaylor and @workingjubilee decide on. I thoroughly trust your judgment.
There was a problem hiding this comment.
As a possible path forward, in an effort to save everyone else's valuable time:
| If you have a type which implements `Deref<Target=T>`, you must not add methods | |
| which may "shadow" methods in `T`. This can lead to unexpected changes in | |
| program behavior. | |
| If you have a type which implements `Deref<Target=T>`, adding methods to that type | |
| which may "shadow" methods in `T` can cause breaking changes in program behavior. |
This uses factual tone ("the change is breaking") and defers "must/should" level decisions to maintainers' judgment.
This section of the reference has been oversimplistic for some time (rust-lang#1018 and rust-lang#1534) and various rewrites have been attempted (e.g. rust-lang#1394, rust-lang#1432). Here's another attempt! My approach here is: * Stop trying to keep it short and concise * Document what actually happens in the code, step by step This does result in a long explanation, because we're trying to document nearly 2400 lines of code in `probe.rs`, but doing otherwise feels as though we'll continue to run into criticisms of oversimplification. This rewrite documents the post-arbitrary-self-types v2 situation, i.e. it assumes rust-lang/rust#135881 has landed. We should not merge this until or unless that lands. This PR was inspired by discussion in rust-lang#1699. If we go ahead with this approach, rust-lang#1699 becomes irrelevant. There was also discussion at rust-lang/cargo#15117 (comment)
|
@obi1kenobi In this comment you say that this example is educational. Just to be explicit, I'm not planning to make changes to this PR based on that example, since I think it's independent of the "arbitrary self types v2" work. |
This is a pre-existing risk of semver breakage for types implementing Deref<Target=T>. It's made more apparent by the arbitrary self types v2 change, and will now generate errors under some circumstances. This PR documents the existing risk and the new ways it can be triggered.
If it's seen as desirable to document the existing risk before Arbitrary Self Types v2 is stabilized, we can split this commit up into two.
Part of rust-lang/rust#44874 Stabilization PR rust-lang/rust#135881