WingNews logo WingNews
top | item 46267288

(no title)

md224 | 2 months ago

Writing a Typescript program that takes external input but has no runtime error checking is already a mistake, though. Dealing with external input requires type assertions (since Typescript doesn't know what the program is getting at compile-time) and if you write type assertions without ensuring that the assertions are accurate, then that's on you, not Typescript.

However, if your point is that Typescript can lull people into a false sense of safety, then sure, I take your point. You have to understand where type assertions are coming into play, and if that's obscured then the type safety can be illusory. The benefits of Typescript require you to make sure that the runtime inputs to your program are sufficiently validated.

discuss

order

billyp-rva|2 months ago

> Writing a Typescript program that takes external input but has no runtime error checking is already a mistake, though.

If it's a service, yes, and that's true no matter what technology the service is using. If it's a library, no, because...

> and if you write type assertions without ensuring that the assertions are accurate, then that's on you, not Typescript.

That's on whoever is using the library, not the library author. If the library author provides type definitions, and you as the consumer choose to ignore them, then it's on you.

conartist6|2 months ago

TS certainly thinks of external input as a boundary requiring safety, but usually that would mean form input or CLI args parsing or something.

Usually there's little if any protection against a JS caller providing wrong-type args to TS functions.

md224|2 months ago

Sure, but if the caller is Javascript then you're running Javascript, not Typescript*, so it makes sense that you're not going to get type safety.

I'm also not sure we're actually disagreeing on anything, so perhaps my reply was pointless. I agree that if you mix JS and TS in the way you describe, you'll have problems. My reply was just to say "yes, and that's not really Typescript's fault", but perhaps you weren't implying that to begin with.

* I'm aware that you can't run Typescript directly, but I hope my point here is clear... you're running a program that wasn't type-checked by TS.

umanwizard|2 months ago

Something similar is true for most statically typed languages.

If you write a C library, nothing stops someone from writing an assembly-language program that calls functions in your library with the wrong types.