What's the behavior of nested function?

tc39 / proposal-function-implementation-hiding

JavaScript language proposal: function implementation hiding

https://ci.tc39.es/preview/tc39/ecma262/pull/1739

MIT License

98 stars 7 forks source link

What's the behavior of nested function? #41

Open hax opened 4 years ago

hax commented 4 years ago

This is the question from @welefen .

function f(x) {
  return function g() {
    'hide source'
    return x
  }
}
f.toString() // is source code of g() still available here?

function f(x) {
  return function g() {
    'hide source'
    return x
  }
}

or B:

function f(x) {
  return function g() { [native code] }
}

I guess it should be A but can't find direct answer about it in the README.

ljharb commented 4 years ago

I would expect it to be A.

hax commented 4 years ago

Yeah I also expect it to be A, but it means even a function is marked as "sensitive" (assume have the same behavior as "hide source" in toString() usage), the source code is still available if you can get the outer function. For example, even I can mark a class method "sensitive", it's easy to find the source from obj.constructor.toString(). And hiding class is clumsy due to #21 . The result may be "just mark the whole file sensitive!" which seems increase the risk of abusing these powerful directives and cause problems in the ecosystem (like collecting error stacks for bug tracking).

ljharb commented 4 years ago

If you expose an object you didn’t mean to, someone can mutate it too - that doesn’t mean everyone just freezes everything just in case they make a bug :-)

michaelficarra commented 4 years ago

The proposal spec text says A, and I would expect A, though this admittedly does seem like a footgun. I will raise the issue during my next presentation.