microsoft / TypeScript

TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
https://www.typescriptlang.org
Apache License 2.0
99.8k stars 12.35k forks source link

Array lookup should return T | undefined #11122

Closed OliverJAsh closed 7 years ago

OliverJAsh commented 7 years ago

TS 2.0.3

    const xs = [1,2,3];
    const x5 = xs[5]; // type is number, expected number | undefined

The type system doesn't know of care about the length of xs, so I would expect any lookup in the array to return T | undefined.

jesseschalken commented 7 years ago

IMO, even the strictest type systems tend to allow unsafe array indexing. I think the reason is that a type system should check things that are within its scope of being proven, but without going into the world of proof assistants and formal verification, virtually all array lookups cannot be proven to the type system to be within bounds, so the only practical result is that xs[i]! gets written everywhere instead, or lookups are done through a function that throws in the case of out-of-bounds.

In other words, there isn't any benefit having a type checker tell you that you failed to prove something without having any means of proving it.

aluanhaddad commented 7 years ago

Duplicate of #9235 See also #5203, 7140#issuecomment-192606629, #6229, and #9842

ewinslow commented 7 years ago

+1 for this. I've been bitten by this compromise a couple times now so count me in for more safety not less!

the only practical result is that xs[i]! gets written everywhere instead

If folks are using an unsafe pattern everywhere, maybe that's exactly what should happen. I don't find it particularly onerous. I guess I'd like to see some data on exactly how much impact this would have on existing TypeScript programs before we write it off as making the language unusable.

  1. how many real bugs it would find
  2. how many false positives
  3. how much it costs to annotate the false positives w/ ! (this could be automated for existing code)

Right now the sentiment I've seen from TS team is that 1 is negligible, 2 is huge, and 3 is prohibitive. Are there numbers to back up these hunches?

Some alternatives to ! proliferating:

Looping over a string[] array with for-of or forEach (or map, etc.) would never emit undefined, since each result is guaranteed to be in-bounds.

The same could be argued for Map<string,string>. map.get('foo') returns string | undefined, but map.set('foo', undefined) would be banned so that when looping over values with forEach or somesuch, you are guaranteed only to get string values, not string | undefined.

aluanhaddad commented 7 years ago

Rewrite loops with for (let item of array) or array.forEach instead of for(let i = 0; i < array.length; i++).

+1000

mhegazy commented 7 years ago

this indeed is a duplicate of #9235. thanks @aluanhaddad.

As noted in #9235, this is an intentional behavior, and without this array access would be fairly unusable under --strictNullChecks.

OliverJAsh commented 7 years ago

If authors enable strictNullChecking then they should expect some boilerplate overhead in return for increased safety. I'm surprised TypeScript isn't consistent in its approach here—as far as I know, this is the only scenario where the team has decided to go against type safety in favour of reduced boilerplate with regards to strictNullChecking?

I'm not too familiar with many other type systems, but Scala does have List.headOption which will return Option<T>, which would be the same thing as T | undefined in TypeScript.

Indeed there would be slightly more boilerplate if we did return T | undefined, as discussed above, but surely the job of the type system is to return the correct type, so the author can handle that correctly.

Without this there will be a whole class of bugs that TypeScript will never catch. 😒 😢

aluanhaddad commented 7 years ago

@OliverJAsh Scala is an interesting example but headOption is a way to get the first element in a collection that may or may not be empty instead of first checking if the collection is empty. But the result of headOption on some TraversableLike[T] is still an Option[T] so we are just deferring the check.

Consider the following Scala:

case class Something(name: String)

var xs = Vector[Something]()
def unsafe = {
  xs head
}
def safe = {
  xs headOption
}
println(safe match {
          case Some(s) => s name
          case _ => "explicit default"
        })
println(unsafe name)

If you index into xs via xs(n) then you get T just like when you call head instead of headOption.

Edit: image

OliverJAsh commented 7 years ago

I'm currently working around this with a helper function:

const arrayHead = <T>(ts: T[]): T | undefined => (
    ts[0]
);
Roaders commented 6 years ago

it seems bizarre to me that this code is OK when pretty much all other possible errors are covered:

var myArray: string[];

const firstItem = myArray[0];

console.log(firstItem.length);

I vote for firstItem here to be string | undefined