rust/comprehensive-rust
1
0
Fork 0
mirror of https://github.com/google/comprehensive-rust.git synced 2025-07-14 10:04:19 +02:00
Code Issues Releases Activity

Apply suggestions from code review

Browse Source 
Co-authored-by: Dmitri Gribenko <gribozavr@gmail.com>
This commit is contained in:
Luca Palmieri
2025-07-07 13:23:09 +02:00
committed by GitHub
parent 66b4705d50
commit ee355aebd9
1 changed files with 4 additions and 2 deletions
Download Patch File Download Diff File Expand all files Collapse all files

6
src/idiomatic/leveraging-the-type-system/newtype-pattern/parse-don-t-validate.md
View File

@ -48,13 +48,15 @@ impl Username {
can't modify it.
- Stress the importance of evaluating _the entire API surface_ exposed by a
newtype to determine if invariants are indeed bullet-proof.\
newtype to determine if invariants are indeed bullet-proof.
It is crucial to consider all possible interactions, including trait
implementations, that may allow users to bypass the invariants. For example,
if the `Username` type implements the `DerefMut` trait, users can modify the
underlying string directly, bypassing the validation checks in `new`.
- Type-level invariants have second-order benefits.\
- Type-level invariants have second-order benefits.
The input is validated once, at the boundary, and the rest of the program can
rely on the invariants being upheld. We can avoid redundant validation and
"defensive programming" checks throughout the program, reducing noise and