A third static analyzer for Python! I wonder what this landscape is going to look like in a few years... (There are probably others, but this is the first I'd heard of Pyre, and I'd only known about mypy and pytype up until today - if there are others I'd love to hear about them!)<p>On a more substantive note, static analysis is one of those things that sounds like you shouldn't even need it but in reality is a surprisingly powerful tool, for the same reason that all code has bugs: humans honestly suck at writing code. (For those of you that have seen Bret Victor's "Inventing on Principle", I feel like static analysis is one of the first steps in getting to the kind of feedback loop he envisions.)<p>We have all these ideas around how things <i>should</i> work, but so frequently our mental model diverges slightly from what's actually happening (which dynamic typing only makes worse, and NPEs even more so) and that's on <i>top</i> of the mistakes we make (like this one in the JDK, which was caught using ErrorProne, a static analyzer for Java: <a href="https://bugs.openjdk.java.net/browse/JDK-8176402" rel="nofollow">https://bugs.openjdk.java.net/browse/JDK-8176402</a>).<p>Also, a fun tidbit about using static analysis to apply automated code fixes: this is basically when you realize you <i>need</i> auto-formatters, because you still want your code to be indented like a sane person would after applying a change like this. (And imagine how much more complex the autoformatter/autofixer have to be when you think about how they have to do things like preserve comments, etc!)
Interesting article. I’d love to hear more about how other folks are getting on with typing in python these days. What’s the preferred tool for limiting etc? I’ve been playing with Microsoft python language server recently and mypy (via vim coc). I haven’t got a config that works well yet but it shows promise and I’m spurred on by how typescript is working well for us in that setup.
> we have hundreds of engineers shipping hundreds of commits every day<p>Can someone with (any) experience explain to me why do seemingly perfectly functional websites need change all the time? Is the production version hacked together or what? Why can't websites be coded once and left to run with the rest of the effort being devoted to maintance/adding more servers as the load increases?<p>I admit that I know almost nothing about how large codebases function (it might being apparent judging by the question)
I quickly looked at pyre and pytype. I wonder : is there a static analyzer for Python that can check for termination guarantee in small snippets of code?<p>The idea is to have a "safe" and "unsafe" Python (ala Rust) according to some guarantees. Proving termination of program is hard, but it is doable if dev time is dedicated to it, and algorithms are well chosen.<p>That way, some core libraries could be rewritten and give stronger guarantees.<p>The idea is used in <a href="https://github.com/google/starlark-go" rel="nofollow">https://github.com/google/starlark-go</a> which is a subset of Python. People who are used with Python can use it to write imperative config files, and the files are guaranteed to not mess with sensible stuff<p>edit : some starlark design choices explained : <a href="https://github.com/bazelbuild/starlark/blob/master/design.md" rel="nofollow">https://github.com/bazelbuild/starlark/blob/master/design.md</a>
Would be cool if they could quantity the gains in productivity - eg before we put in the static analysis we had x level of software defects, following these improvements we saw a drop to level y. Trying to introduce similar improvements at my current place but it’s a hard sell without data
I wonder if there was a point in the history of Instagram's codebase at which it would've been cost-effective to rewrite it in a statically typed language.<p>If you find yourself in a hole, stop digging.
It's curious to me that commonly in programmer discussion, we'll say on the one hand that the programming language you use doesn't matter, while on the other hand tout the benefits of adding types and static analysis.<p>There <i>are</i> some languages where types and static analysis are <i>part of the language</i>.<p>It's paradoxical that we as an industry hold these two things to be both equal and different.
> Lets say we needed to deprecate a function named ‘fn’ for a better named function called called ‘add’.<p>wondering why they would deprecate fn instead of renaming everywhere with 'add'. I thought that was one of the main big sells of the monolith.