-
Notifications
You must be signed in to change notification settings - Fork 206
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Improve brand check #1000
Improve brand check #1000
Conversation
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Looks good. One minor suggestion for clarifying the error message.
mustBeSameStructure(brand, allegedBrand, 'Unrecognized brand'); | ||
assert( | ||
brand === allegedBrand, | ||
details`the brand in the allegedAmount in 'coerce' didn't match the amountMath brand`, |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
You have both brands. Can you print them? When I was debugging, this kind of thing has been very helpful.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
There's nothing to print. They are objects with a method (which we cannot access) and no properties.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Don't they have getAllegedName()
? That's enough to be useful.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Yes, but the brand will likely be remote, so we can't call it
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
That's too bad.
Any chance we can cheat and include the objects so the caller could catch the error and display it themselves? For once, it might be useful to include the opaque object in an error.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Please don't pass access by throw. When you throw something, you know very little about who might catch it.
In any case, if you include the brands as substitution holes, e.g.
details`the brand in the allegedAmount in 'coerce' didn't match the amountMath brand: ${brand} vs ${allegedBrand}`,
this will throw an error with the message
`the brand in the allegedAmount in 'coerce' didn't match the amountMath brand: (an object) vs (an object)
See console for error data.`
This avoids even sending the stringification of these substitution values to the catcher by default, under the default assumption that we're willing to reveal the literal part of the details
template literal, but only the typeof
of their substitution value.
OTOH, to the console, we send the actual substitution values themselves, not a mere stringification of them. If you are in the privileged position of receiving what is sent to the console, for example because you provided the console, then you can receive these values directly. For these purposes, we consider this to be loosely equivalent to the privilege level of viewing the computation through a debugger.
Attn @michaelfig and I are working towards a reform in the distributed object system so that presences can carry description strings which will show up in the default builtin console behavior. So to see that, you merely need access to the textual output of the normal console, which is still a debug level of privilege.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
@erights, I read what you said above as indicating that stringifying the brands would be useless, and that including the objects would make them accessible to print on the console. OTOH, you also said they shouldn't be conveyed by a throw
.
That sounds like including the objects in the details
object would satisfy both objectives, since the console gets access to details
, but obfuscates the values in the thrown message.
Am I misunderstanding?
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Putting brand objects in details will not show anything useful currently. It will show something like { getAllegedName }
(non-presence) or { }
(presence)
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
LGTM
mustBeSameStructure(brand, allegedBrand, 'Unrecognized brand'); | ||
assert( | ||
brand === allegedBrand, | ||
details`the brand in the allegedAmount in 'coerce' didn't match the amountMath brand`, |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Please don't pass access by throw. When you throw something, you know very little about who might catch it.
In any case, if you include the brands as substitution holes, e.g.
details`the brand in the allegedAmount in 'coerce' didn't match the amountMath brand: ${brand} vs ${allegedBrand}`,
this will throw an error with the message
`the brand in the allegedAmount in 'coerce' didn't match the amountMath brand: (an object) vs (an object)
See console for error data.`
This avoids even sending the stringification of these substitution values to the catcher by default, under the default assumption that we're willing to reveal the literal part of the details
template literal, but only the typeof
of their substitution value.
OTOH, to the console, we send the actual substitution values themselves, not a mere stringification of them. If you are in the privileged position of receiving what is sent to the console, for example because you provided the console, then you can receive these values directly. For these purposes, we consider this to be loosely equivalent to the privilege level of viewing the computation through a debugger.
Attn @michaelfig and I are working towards a reform in the distributed object system so that presences can carry description strings which will show up in the default builtin console behavior. So to see that, you merely need access to the textual output of the normal console, which is still a debug level of privilege.
Above, where I say
I'm not responding to the code. The code already doesn't do this. I'm responding to @Chris-Hibbert 's comment in that conversation. |
See #804 |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Thanks @katelynsills for this PR and the investigation for improving the error message!
I approve the Pull Request, but i do not consider it solves #990 because the error message remains generic
I acknowledge the current technical limitation prevents a better solution in the short term
I think this is ok to merge into master since from the user's perspective, all that changes is a single error message which was not documented anywhere. It's also an ERTP issue and not a Zoe issue so doesn't quite fit into Zoe v0.6.0 |
improves the situation described in #990. We still cannot see the allegedBrand name, because the brands may be presences