<div>Runtime checks: data validation & code validation<br></div><div>Compile-time checks: code validation<br></div><div><br></div><div>What sort of data validation is appropriate for assert statements or contacts that may be skipped due to trading performance for more risk ('optimized out')?</div><div>Checking the value of a Number?</div><div>Checking that a large graph has no cycles?</div><div>Checking that a database table exists and has the appropriate relations and constraints?</div><div><br></div><div>assert statements are skipped at runtime with -O and -OO whether or not they're in [reorderable] aspects applied with decorators, at the beginning or end of a function, or in methods named something like setUp and tearDown.</div><div><br></div><div><a href="https://docs.python.org/3/using/cmdline.html#envvar-PYTHONOPTIMIZE">https://docs.python.org/3/using/cmdline.html#envvar-PYTHONOPTIMIZE</a><br></div><div><a href="https://docs.python.org/3/using/cmdline.html#cmdoption-o">https://docs.python.org/3/using/cmdline.html#cmdoption-o</a><br></div><div><br></div><div><br></div><div>> -O</div><div>> Remove assert statements and any code conditional on the value of __debug__</div><div><br></div><div><br></div><div>> PYTHONOPTIMIZE</div><div>> If this is set to a non-empty string it is equivalent to specifying the -O option. If set to an integer, it is equivalent to specifying -O multiple times.</div><div><br></div><div><br>On Monday, August 27, 2018, Steven D'Aprano <<a href="mailto:steve@pearwood.info" target="_blank">steve@pearwood.info</a>> wrote:<br><blockquote class="gmail_quote" style="margin:0 0 0 .8ex;border-left:1px #ccc solid;padding-left:1ex">On Mon, Aug 27, 2018 at 11:00:22PM +1000, Chris Angelico wrote:<br>
<br>
> Sometimes "type" doesn't mean the same thing to the language and to<br>
> the human. Suppose you're trying to create a Python script that<br>
> replicates a C program; you might want to declare that a variable is<br>
> not of type "integer" but type "32-bit unsigned integer", with<br>
> wrap-around. Or, wording it another way: "integer modulo 2**32". Is<br>
> that an assertion of type, or of type and value? As a precondition to<br>
> a function, requiring that a parameter be an integer no less than zero<br>
> and no greater than 4294967295 is, in a sense, checking its type and<br>
> its value; but it's kinda just asserting its type.<br>
<br>
It is making an assertion about the value of an instance of type "int". <br>
Its not a separate type requiring an explicit coercion or cast. Its just <br>
a non-negative int less than 2**32.<br>
<br>
If the compiler supports the concept of a 32-bit unsigned integer type, <br>
then of course we can change our implementation to use that type instead <br>
of our regular ints. But we can't expect to pass such a 32-bit unsigned <br>
integer to a function which expects a regular int unless they are <br>
duck-type compatible, or the compiler performs automatic coercions. <br>
(So-called "weak typing").<br>
<br>
A better example is the one I gave earlier, of a graph with no cycles. <br>
There is a deep fundamental difference between a *statically checked* <br>
DAG with no cycles (a graph which can never contain a cycle because the <br>
compiler won't let you create one) and a *dynamically checked* DAG that <br>
merely has no cycles *now* (it may have had cycles earlier, and it might <br>
have cycles later, but right now it has none).<br>
<br>
These are very different semantics, and Eiffel's contracts support the <br>
second kind: runtime value checks.<br>
<br>
<br>
<br>
-- <br>
Steve<br>
______________________________<wbr>_________________<br>
Python-ideas mailing list<br>
<a href="mailto:Python-ideas@python.org" target="_blank">Python-ideas@python.org</a><br>
<a href="https://mail.python.org/mailman/listinfo/python-ideas" target="_blank">https://mail.python.org/mailma<wbr>n/listinfo/python-ideas</a><br>
Code of Conduct: <a href="http://python.org/psf/codeofconduct/" target="_blank">http://python.org/psf/codeofco<wbr>nduct/</a><br>
</blockquote></div>