Hacker Newsnew | past | comments | ask | show | jobs | submitlogin

> I know what a UUID (or a String) is. I don't know what an AccountID, UserID, etc. is. Now I need to know what those are (and how to make them, etc. as well) to use your software.

Yes, that’s exactly the point. If you don’t know how to acquire an AccountID you shouldn’t just be passing a random string or UUID into a function that accepts an AccountID hoping it’ll work, you should have acquired it from a source that gives out AccountIDs!



And that's my point: I'm usually getting AccountIDs from strings (passed in via HTTP requests) so the whole thing becomes a pointless exercise.


You just accept raw strings without doing any kind of validation? The step that performs validation should encode that step in the form of a type.


i pride myself in never doing any validation ever

never escape anything, either

just hand my users a raw SQL connection


I prefer to just skip a few steps and email them my bank account number when they register an account.


Do you validate them? I assume you do. Feels like a great time to cast them too


'Parse, Don't Validate'


'Don't Parse, Don't Validate'

https://news.ycombinator.com/item?id=44677515


Validating and then casting to a type sounds an awful lot like parsing.


If your system is full of stringly typed network interfaces then yes there is no point in trying to make it good. You can make things a bit better by using a structured RPC protocol like gRPC, but the only real solution is to not do that.




Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact

Search: