-
Notifications
You must be signed in to change notification settings - Fork 1.4k
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
String interpolation #4733
Comments
+1 on the benefits of both readability and having a form which tolerates undefined input! Here are a couple considerations/opinions I'd like to write down which might help us in the design process (Anders probably thought through already).
Brainstorming syntaxes:
Update: reference to syntax from other languages: https://petamind.com/string-interpolation-in-different-programming-languages/ |
Awesome feedback, @EKCs! I had not given too much thought to syntax before, so your brainstorming was much appreciated. Some spontaneous thoughts on the above:
Or we could simply require
I could imagine one option to be how undefined should be handled in interpolation, i.e. if it should be printed or halt evaluation. As for the backticks option, that actually exists in Rego already :) Used for multiline strings and regex. |
💯 Definitely only string literals. My preferred way here would be to not introduce new string delimiters, but go with some |
Yeah, I agree that it's very unlikely. But maybe better to play it safe? I don't have a strong opinion on that. One concern with having this enabled for all string literals is if this would have any noticeable impact on performance? I doubt the scan is going to be expensive, but maybe there are some policies with a lot of strings defined? For a large JSON string, there's going to be a lot of |
🤔 Well this might be a good point for using something that's not valid JSON. I.e. if we used I'm mostly thinking that at some point, I'm confident we'll want to put more than plain refs into that... Thinking more about this, maybe we should pick a common implementation (JS? Ruby? Python?), and mimic that closely. For one thing, much thought has probably already been put into this; for another thing, we'll be able to say "it just like JS" 🙃 |
Sounds like a good way forward! And yeah, I can definitely see how people would want to have at least some simple logic included in interpolation. I think resolving refs would be a very good first step though! Thinking more about it, it's probably not very common to have large JSON strings in literals 🤔 The only use case I could think of is tests, but even there there aren't many reasons I can think of to do that instead of providing deserialized objects directly. Hah! Had not thought of nested Backtick-strings could also remain "uninterpolated", so that there's an alternative to use if someone really wants to have |
I think JWKS are the exception here. I think some built-ins expect their JWK in string-of-json format 😬 |
That's true, but I wonder how common it is to have those hard coded in the policy, as opposed to provided either via |
This issue has been automatically marked as inactive because it has not had any activity in the last 30 days. |
Bumping for 1.0 @ashutosh-narkar @johanfylling :) Most of the concerns raised about this have either been about backwards compatibility (i.e. can't use existing string syntax) or about introducing new syntax. Neither should be a problem for a 1.0 release. My vote is on using existing string syntax for this, and something like |
This issue has been automatically marked as inactive because it has not had any activity in the last 30 days. Although currently inactive, the issue could still be considered and actively worked on in the future. More details about the use-case this issue attempts to address, the value provided by completing it or possible solutions to resolve it would help to prioritize the issue. |
Having string interpolation similar to Python f-strings in Rego would allow for more succint policy, while arguably improving readability by removing the ceremony associated with
sprintf
.Another issue potentially addressed by this would be the common mistake of not handling undefined when referencing input/data in
sprintf
arguments. These will halt evaluation as any other undefined reference, but in the likely most common use case forsprintf
— building a "message" or "reason" string to populate a partial rule set, whether a value is undefined or not is likely not interesting enough that you'd want it to affect the actual outcome of the evalutation.This would arguably improve string handling not just with regards to
sprintf
, but improve things like simple concatenation, which is currently somewhat verbose:Some design decisions would obviously need to be made here, like how to differentiate an "interpolation string" from a regular one, whether (simple?) expressions should be allowed in the interpolated values or only direct references, and perhaps there could be an "interpolation form" where undefined does fail evaluation, etc..
I don't have all the answers, but here's at least a starting point :)
The text was updated successfully, but these errors were encountered: