.NET 8 developers can verify more APIs for correct usage to speed up their development #78442
Comments
buyaa-n
added
area-Meta
User Story
|
The
We shouldn't be telling users to change their code in these cases, |
It does, and it's still more costly than the caller just doing it itself. |
Good to know.
Obviously, but then again if |
Likely because it's the most common usage in linq. But I agree that, at least, this probably should have a lower diagnostic level than Suggestion by default. Most code won't benefit from this particular optimization, any code that is sensitive enough to benefit would probably be already aware of this. I also feel that |
|
Just found this (via Nick Chapsas). Re. #78606 - it's a pity that the word "ordinal" does not appear even once... especially wrt ignore-case. I think it should have featured in the discussion. This table looks wrong to me. In every case, the assumption is that the string is linguistic, or is "linguistically relevant". I refer you to:- https://learn.microsoft.com/en-us/dotnet/standard/base-types/best-practices-strings Specifially I refer you to: https://learn.microsoft.com/en-us/dotnet/standard/base-types/best-practices-strings#choosing-a-stringcomparison-member-for-your-method-call For over 20 years, my case-insensitve string comparisons have been wrt
ergo... The number of times I have had to worry about case-insensitivity in linguistic data that's input by the user or displayed to the user: zero. The more common case (by far) for case-insensitive string comparisons is for non-linguistic strings. And getting it right for non-linguistic strings is important for security. In every single case in the table, I'd go for |
|
Instead of sending warning when using public static bool Any<T>(this IList<T> source) =>
source.Count != 0;
public static bool Any<T>(this T[] source) =>
source.Length != 0;
public static bool Any<T>(this ICollection source) =>
source.Count != 0; |
|
As .NET 8 development is wrapping up closing this issue. Thank you, all the contributors, for the hard work and hope you will continue contributing into new analyzers in .NET 9 as we will continue the effort in .NET 9, analyzers that haven't completed with this issue will be moved to a new issue for .NET 9. |
|
I am concerned that analyzers #78606 and dotnet/roslyn-analyzers#6720 and possibly others that are related have been implemented incorrectly, and I left multiple comments 3 weeks ago explaining why - all of which have been ignored. I would like to see some comment on these concerns. We don't want to wrap things up in an incorrect state. My concerns are expressed here:-
|
|
@Bellarmine-Head I assume your comments related to this issue which is not closed and still have 8.0 milestone. I expect @carlossanlop would take care of it within 8.0 timeframe. |
|
@buyaa-n I added my comments to #89740 because you asked me to. I'm not sure what the issue is all about tbh (!) nor how it relates to my main concerns over issues:-
... which are closed/merged, but I believe have been implemented incorrectly for the reasons that I have stated multiple times. It would be great if @carlossanlop and other experts could comment on these concerns. |
|
To expand on my concerns... Let us take the example of #78606 which was opened by @stephentoub It's fixed by dotnet/roslyn-analyzers#6662 Nowhere in the discussion in those two pages is the word "ordinal". This was the first red flag for me. Now, to take a small example, it seems to me that the analyzer will recommend that where you previously did:- you should now do:- This seems reasonable. What you had before, you have afterwards, except arguably in a better form. But you have overlooked something. This section in this long-standing (and correct) article, which has been around in one form or another since 2005, is very clear on the matter. For comparing:-
you should be using For me this boils down to:- "Case-insensitive string comparisons should always use Examples of linguistic strings: a blog piece the user has typed in; a date-time formatted in the user's culture for end-user display. Why you would ever want to compare linguistic strings case-insensitively, I don't know. In 20 years, I've never done it. Comparing (non-linguistic) identifiers, on the other hand, is something you do all day, every day. If our analyzer (and related ones; see links in my post above) doesn't even consider or mention or recommend the
Now, all of this is my opinion. The lack of response to these concerns, which I have written about in sundry places (see links above) concerns me. Talk of wrapping things up for .NET 8 without addressing this issue concerns me. I'm putting in a lot of effort here in an attempt to help... and I'm not getting much/any response from it. |
The issue would be that changing stuff to Ordinal in such case would be a visible behavioural change, which is something that analyzers shouldn't always promote. |
I suspected that something of this sort was involved in the reasoning behind the analyzers, and I get your point. The thing is, if you write code like:- if (stringOne.ToUpperInvariant() == "SOME_CONSTANT")or if (stringOne.ToUpperInvariant() == stringTwo.ToUpperInvariant())then you don't have any kind of We've all written the code above (in some form or another) a thousand times, and it's been fine!! But converting the code to the better For the analyzers to not mention I can tell you that in 20 years I have never had cause to use
As I said above, when on earth would you knowingly want to compare cultural / linguistically-relevant strings? Probably never, even though (oh the irony!) you probably did it all the time with:- if (stringOne.ToUpperInvariant() == stringTwo.ToUpperInvariant())and everything was fine. Bottom line: when comparing two strings case-insensitively, The analyzers should at least clue developers into the |
|
"Hey programmer... You're using:- to do a case-insensitive comparison of two strings, which is fine up to a point. But we'd like you use:- instead, because [insert reasons]. This is better [see reasons], and is the same as what you were doing before. So it's a safe change to make. But wait: if your strings are identifiers (including file paths, Registry keys, case-insensitive internal identifiers, case-insensitive identifiers in standards such as XML and HTTP and case-insensitive security-related settings, etc. see here for the complete list then an even better option is to use:- but doing so will require you to test your code carefully in case the behaviour has changed. For new code, it's best to use the Thanks." |
|
For case-sensitive string comparisons, we do and this gives an ordinal comparison (i.e. So these analyzers are concerned with case-insensitive comparisons for the most part. Recommending to use But a higher, better, nobler and more worthy thing is to recommend the use of Safety of implementation beats out perf any day of the week. The downside is that ppl have to check that there is no change in behaviour, I get that. |
ghost
locked as resolved and limited conversation to collaborators
With the Roslyn Analyzers we built in .NET 5, 6 and 7, we've found that developers benefit from analyzers that verify correct usage of .NET Libraries APIs. We plan to put more effort on adding valuable analyzers in .NET 8, we will continue working with the community to foster contributions into our collection of analyzers and code fixers.
Community contributors: If you'd like to work on one of the issues marked as "up for grabs", please add a comment directly on that issue asking to get it assigned to you. Please check the getting started guide for reference about how to start and what's need to be done.
Analyzers Planned for .NET 8
Approved analyzers
Other analyzer proposals that need to be prepared for API review
in/readonly ref#77625CC @stephentoub @jeffhandley @ericstj @carlossanlop
The text was updated successfully, but these errors were encountered: