strawman for the := operator

Brendan Eich brendan at mozilla.org
Wed Aug 8 16:52:07 PDT 2012


David Herman wrote:
> On Aug 8, 2012, at 3:08 PM, Axel Rauschmayer wrote:
>
>>> I'm not yet convinced that Object.update should be restricted to own properties. If you're only using object literals, then yeah, you want own properties only; you're basically using object literals as a poor man's named arguments. But if you're just taking an arbitrary object, there's less reason to expect that its relevant properties won't be inherited.
>> Can you elaborate? Because usually, you have instances that point to shared prototypes. Then you’d also want only the own properties. If there is a type hierarchy, all constructors put all instance data in the same object, so you already have an automatic flattening.
>
> That's a fair point. I have found that I will occasionally have a type-level "constant" that makes sense to keep as an inherited data property, but I'll grant it's somewhat rare.

It's an anti-pattern, in general: constants go on constructors or in 
"package" objects. Too many colllision and deep-mutable hazards on the 
proto-chain for advisory constants.

> Still, the fact that it works fine without the own-check today:
>
>      http://james.padolsey.com/jquery/#v=1.7.2&fn=jQuery.extend
>
> indicates that code is working fine today without prototype pollution problems (especially given that basically everything on the web breaks if you don't respect "Object.prototype is verboten").

I made the same argument but reached a different conclusion: proto-chain 
walking not wanted for Object.extend, because if people *did* extend 
Object.prototype, lots of for-in uses, especially including the one in 
Prototype's Object.extend, would break.

> So before going with the own-check, I'd want to know that existing patterns wouldn't break, and whether it really would help that much.

This is not a case of us knowing too little, or having a neutral stance 
in the face of a balanced controversy. Object.prototype is verboten 
*because* for-in walks the proto chain, *and* it's used by Object.extend 
and other such things. Plus, people don't generally compose via 
__proto__ (Object.create is new) or flatten proto-chains intentionally.

/be


More information about the es-discuss mailing list