|
1 | 1 | --- |
2 | 2 | title: "Make invalid states unrepresentable" |
3 | 3 | date: 2023-07-17 |
4 | | -lastmod: 2023-07-21 |
| 4 | +lastmod: 2024-04-27 |
5 | 5 | description: '"Type-driven development"' |
6 | 6 | math: true |
7 | 7 | author: Jacob Lindahl |
@@ -67,13 +67,15 @@ The Rust compiler is _smart_, and in conjunction with the language's powerful ty |
67 | 67 |
|
68 | 68 | Types tell the compiler in what manner data can be represented. These might be types from the standard library, types from third-party libraries, primitives from the language, or even types that you write yourself. |
69 | 69 |
|
70 | | -Types delineate the set of _legally representable states_ $\mathbb{R}$ in your application. |
| 70 | +Types delineate the set of _legally representable states_ $\mathcal{R}$[^mathbb] in your application. |
71 | 71 |
|
72 | | -Then, there's your business logic. Business logic leverages data that conform to the representable states defined by your types, manipulates those data, and delivers some output. The data that your business logic can handle comprises the set of valid states $\mathbb{V}$ (i.e. "handleable" states), and critically, _the set of valid states is not necessarily equal to the set of representable states_. |
| 72 | +[^mathbb]: Thanks to [oytis on HackerNews](https://news.ycombinator.com/item?id=40155946) for pointing out my prior egregious misuse of mathematical notation. I have updated the article throughout. |
73 | 73 |
|
74 | | -$$|\mathbb{R}| \ge |\mathbb{V}|$$ |
| 74 | +Then, there's your business logic. Business logic leverages data that conform to the representable states defined by your types, manipulates those data, and delivers some output. The data that your business logic can handle comprises the set of valid states $\mathcal{V}$ (i.e. "handleable" states), and critically, _the set of valid states is not necessarily equal to the set of representable states_. |
75 | 75 |
|
76 | | -In fact, $|\mathbb{R}|$ is often _significantly_ larger than $|\mathbb{V}|$, i.e. the code can handle far fewer states than are actually representable. |
| 76 | +$$\mathcal{R} \supseteq \mathcal{V}$$ |
| 77 | + |
| 78 | +In fact, $\mathcal{R}$ is often _significantly_ larger than $\mathcal{V}$, i.e. the code can handle far fewer states than are actually representable. |
77 | 79 |
|
78 | 80 | The difference between these two sets is the set of invalid states: the data which a program can represent but does not know how to handle properly. This is where bugs occur. |
79 | 81 |
|
@@ -133,7 +135,7 @@ accepts_color(Color::Rgb(0, 0, 0)); |
133 | 135 | accepts_color(Color::Rgba(255, 255, 255, 0)); |
134 | 136 | ``` |
135 | 137 |
|
136 | | -Turns out, all of the representable states are also valid states! This means that our sets $\mathbb{R}$ and $\mathbb{V}$ are equal, and no runtime error handling is necessary. |
| 138 | +Turns out, all of the representable states are also valid states! This means that our sets $\mathcal{R}$ and $\mathcal{V}$ are equal, and no runtime error handling is necessary. |
137 | 139 |
|
138 | 140 | Before I continue, let's take a step back and evaluate how we can benefit from coding like this: |
139 | 141 |
|
@@ -370,7 +372,7 @@ impl TryFrom<Vpn<Connecting>> for Vpn<Connected> { |
370 | 372 |
|
371 | 373 | --- |
372 | 374 |
|
373 | | -I do not hope to convince you that your set of types is only good if it cannot represent invalid states, i.e. $\mathbb{R} = \mathbb{V}$. However, I do hope to demonstrate that putting a little more thought into the design of your data structures _could_ help you to avoid _more_ bugs _earlier_ in development. |
| 375 | +I do not hope to convince you that your set of types is only good if it cannot represent invalid states, i.e. $\mathcal{R} = \mathcal{V}$. However, I do hope to demonstrate that putting a little more thought into the design of your data structures _could_ help you to avoid _more_ bugs _earlier_ in development. |
374 | 376 |
|
375 | 377 | --- |
376 | 378 |
|
|
0 commit comments