sorbet-runtime 0.5.5413 → 0.5.5417

checksums.yaml

@@ -1,7 +1,7 @@
 ---
 SHA256:
-  metadata.gz: ee0cee600d0c6c8dffef881a35e510ab5e4247e0d1e156f6d1ee83b7d626af4b
-  data.tar.gz: e3f5c3dea96103665ac92c3b0519f47352d89aa4822acae16f96beb429ab548f
+  metadata.gz: c236407d857c6e24b8e71d59eb7ad8ec51040e48c0f24c56cee6d1385a9a92ab
+  data.tar.gz: 7a8ad4e57f69bfbff85589e862057345cebbb63c5ec5ed74268e902982cd6731
 SHA512:
-  metadata.gz: 7b035657a30fe89c2f598c21f07896e476217ea8708ee3569ff1c45b54dd9df3317547efa10137889a15fe01aa712f414b2a30ccdb636f51c01fb18a52a57f12
-  data.tar.gz: b403812e28bc276d8514c0cfa1fabc856a2027b085bd78460cf018d5eb0c5f6383e066cb23976eef909c9e7121eb01745b4f702f24ae86cf10b426762ab0974d
+  metadata.gz: e897902e9b86b94cb9c59ea2f07f5de20499bf0f178f4b2c0820df1a047c8010120c1fac1a56f977a0ec0b1493051898bfc648c9e54ce9379fc079870e747789
+  data.tar.gz: 7321f38a27966c9cfbfb66b8af11d4f2be9ebbb0b2d80cc5becafd516a2664c1167f57b102aa8a71b5deccd90a645c06237e4018429a0e7ffb5d46e3717e95da

data/lib/sorbet-runtime.rb

@@ -96,12 +96,18 @@ require_relative 'types/enum'
 # Props that run sigs statically so have to be after all the others :(
 require_relative 'types/props/private/setter_factory'
 require_relative 'types/props/private/apply_default'
+require_relative 'types/props/has_lazily_specialized_methods'
 require_relative 'types/props/optional'
 require_relative 'types/props/weak_constructor'
 require_relative 'types/props/constructor'
 require_relative 'types/props/pretty_printable'
+require_relative 'types/props/private/serde_transform'
+require_relative 'types/props/private/deserializer_generator'
+require_relative 'types/props/private/serializer_generator'
 require_relative 'types/props/serializable'
 require_relative 'types/props/type_validation'
+require_relative 'types/props/private/parser'
+require_relative 'types/props/generated_code_validation'
 
 require_relative 'types/struct'
 

data/lib/types/props/custom_type.rb

@@ -80,5 +80,17 @@ module T::Props
         scalar_type?(val)
       end
     end
+
+    def self.checked_serialize(type, instance)
+      val = type.serialize(instance)
+      unless valid_serialization?(val, type)
+        msg = "#{type} did not serialize to a valid scalar type. It became a: #{val.class}"
+        if val.is_a?(Hash)
+          msg += "\nIf you want to store a structured Hash, consider using a T::Struct as your type."
+        end
+        raise T::Props::InvalidValueError.new(msg)
+      end
+      val
+    end
   end
 end

data/lib/types/props/decorator.rb

@@ -230,10 +230,12 @@ class T::Props::Decorator
     nil
   end
 
+  SAFE_NAME = /\A[A-Za-z_][A-Za-z0-9_-]*\z/
+
   # Used to validate both prop names and serialized forms
   sig {params(name: T.any(Symbol, String)).void}
   private def validate_prop_name(name)
-    if !name.match?(/\A[A-Za-z_][A-Za-z0-9_-]*\z/)
+    if !name.match?(SAFE_NAME)
       raise ArgumentError.new("Invalid prop name in #{@class.name}: #{name}")
     end
   end

data/lib/types/props/generated_code_validation.rb

@@ -0,0 +1,251 @@
+# frozen_string_literal: true
+# typed: true
+
+module T::Props
+  # Helper to validate generated code, to mitigate security concerns around
+  # `class_eval`. Not called by default; the expectation is this will be used
+  # in a test iterating over all T::Props::Serializable subclasses.
+  #
+  # We validate the exact expected structure of the generated methods as far
+  # as we can, and then where cloning produces an arbitrarily nested structure,
+  # we just validate a lack of side effects.
+  module GeneratedCodeValidation
+    extend Private::Parse
+
+    class ValidationError < RuntimeError; end
+
+    def self.validate_deserialize(source)
+      parsed = parse(source)
+
+      # def %<name>(hash)
+      #   ...
+      # end
+      assert_equal(:def, parsed.type)
+      name, args, body = parsed.children
+      assert_equal(:__t_props_generated_deserialize, name)
+      assert_equal(s(:args, s(:arg, :hash)), args)
+
+      assert_equal(:begin, body.type)
+      init, *prop_clauses, ret = body.children
+
+      # found = %<prop_count>
+      # ...
+      # found
+      assert_equal(:lvasgn, init.type)
+      init_name, init_val = init.children
+      assert_equal(:found, init_name)
+      assert_equal(:int, init_val.type)
+      assert_equal(s(:lvar, :found), ret)
+
+      prop_clauses.each_with_index do |clause, i|
+        if i % 2 == 0
+          validate_deserialize_hash_read(clause)
+        else
+          validate_deserialize_ivar_set(clause)
+        end
+      end
+    end
+
+    def self.validate_serialize(source)
+      parsed = parse(source)
+
+      # def %<name>(strict)
+      # ...
+      # end
+      assert_equal(:def, parsed.type)
+      name, args, body = parsed.children
+      assert_equal(:__t_props_generated_serialize, name)
+      assert_equal(s(:args, s(:arg, :strict)), args)
+
+      assert_equal(:begin, body.type)
+      init, *prop_clauses, ret = body.children
+
+      # h = {}
+      # ...
+      # h
+      assert_equal(s(:lvasgn, :h, s(:hash)), init)
+      assert_equal(s(:lvar, :h), ret)
+
+      prop_clauses.each do |clause|
+        validate_serialize_clause(clause)
+      end
+    end
+
+    private_class_method def self.validate_serialize_clause(clause)
+      assert_equal(:if, clause.type)
+      condition, if_body, else_body = clause.children
+
+      # if @%<accessor_key>.nil?
+      assert_equal(:send, condition.type)
+      receiver, method = condition.children
+      assert_equal(:ivar, receiver.type)
+      assert_equal(:nil?, method)
+
+      unless if_body.nil?
+        # required_prop_missing_from_serialize(%<prop>) if strict
+        assert_equal(:if, if_body.type)
+        if_strict_condition, if_strict_body, if_strict_else = if_body.children
+        assert_equal(s(:lvar, :strict), if_strict_condition)
+        assert_equal(:send, if_strict_body.type)
+        on_strict_receiver, on_strict_method, on_strict_arg = if_strict_body.children
+        assert_equal(nil, on_strict_receiver)
+        assert_equal(:required_prop_missing_from_serialize, on_strict_method)
+        assert_equal(:sym, on_strict_arg.type)
+        assert_equal(nil, if_strict_else)
+      end
+
+      # h[%<serialized_form>] = ...
+      assert_equal(:send, else_body.type)
+      receiver, method, h_key, h_val = else_body.children
+      assert_equal(s(:lvar, :h), receiver)
+      assert_equal(:[]=, method)
+      assert_equal(:str, h_key.type)
+
+      validate_lack_of_side_effects(h_val, whitelisted_methods_for_serialize)
+    end
+
+    private_class_method def self.validate_deserialize_hash_read(clause)
+      # val = hash[%<serialized_form>s]
+
+      assert_equal(:lvasgn, clause.type)
+      name, val = clause.children
+      assert_equal(:val, name)
+      assert_equal(:send, val.type)
+      receiver, method, arg = val.children
+      assert_equal(s(:lvar, :hash), receiver)
+      assert_equal(:[], method)
+      assert_equal(:str, arg.type)
+    end
+
+    private_class_method def self.validate_deserialize_ivar_set(clause)
+      # %<accessor_key>s = if val.nil?
+      #   found -= 1 unless hash.key?(%<serialized_form>s)
+      #   %<nil_handler>s
+      # else
+      #   %<serialized_val>s
+      # end
+
+      assert_equal(:ivasgn, clause.type)
+      ivar_name, deser_val = clause.children
+      unless ivar_name.is_a?(Symbol)
+        raise ValidationError.new("Unexpected ivar: #{ivar_name}")
+      end
+
+      assert_equal(:if, deser_val.type)
+      condition, if_body, else_body = deser_val.children
+      assert_equal(s(:send, s(:lvar, :val), :nil?), condition)
+
+      assert_equal(:begin, if_body.type)
+      update_found, handle_nil = if_body.children
+      assert_equal(:if, update_found.type)
+      found_condition, found_if_body, found_else_body = update_found.children
+      assert_equal(:send, found_condition.type)
+      receiver, method, arg = found_condition.children
+      assert_equal(s(:lvar, :hash), receiver)
+      assert_equal(:key?, method)
+      assert_equal(:str, arg.type)
+      assert_equal(nil, found_if_body)
+      assert_equal(s(:op_asgn, s(:lvasgn, :found), :-, s(:int, 1)), found_else_body)
+
+      validate_deserialize_handle_nil(handle_nil)
+      validate_lack_of_side_effects(else_body, whitelisted_methods_for_deserialize)
+    end
+
+    private_class_method def self.validate_deserialize_handle_nil(node)
+      case node.type
+      when :hash, :array, :str, :sym, :int, :float, :true, :false, :nil
+        # Primitives are safe
+      when :send
+        receiver, method, arg = node.children
+        if receiver.nil?
+          # required_prop_missing_from_deserialize(%<prop>)
+          assert_equal(:required_prop_missing_from_deserialize, method)
+          assert_equal(:sym, arg.type)
+        elsif receiver == self_class_decorator
+          # self.class.decorator.raise_nil_deserialize_error(%<serialized_form>)
+          assert_equal(:raise_nil_deserialize_error, method)
+          assert_equal(:str, arg.type)
+        elsif method == :default
+          # self.class.decorator.props_with_defaults.fetch(%<prop>).default
+          assert_equal(:send, receiver.type)
+          inner_receiver, inner_method, inner_arg = receiver.children
+          assert_equal(
+            s(:send, self_class_decorator, :props_with_defaults),
+            inner_receiver,
+          )
+          assert_equal(:fetch, inner_method)
+          assert_equal(:sym, inner_arg.type)
+        else
+          raise ValidationError.new("Unexpected receiver in nil handler: #{node.inspect}")
+        end
+      else
+        raise ValidationError.new("Unexpected nil handler: #{node.inspect}")
+      end
+    end
+
+    private_class_method def self.self_class_decorator
+      @self_class_decorator ||= s(:send, s(:send, s(:self), :class), :decorator).freeze
+    end
+
+    private_class_method def self.validate_lack_of_side_effects(node, whitelisted_methods_by_receiver_type)
+      case node.type
+      when :const
+        # This is ok, because we'll have validated what method has been called
+        # if applicable
+      when :hash, :array, :str, :sym, :int, :float, :true, :false, :nil, :self
+        # Primitives & self are ok
+      when :lvar, :arg, :ivar
+        # Reading local & instance variables & arguments is ok
+        unless node.children.all? {|c| c.is_a?(Symbol)}
+          raise ValidationError.new("Unexpected child for #{node.type}: #{node.inspect}")
+        end
+      when :args, :mlhs, :block, :begin, :if
+        # Blocks etc are read-only if their contents are read-only
+        node.children.each {|c| validate_lack_of_side_effects(c, whitelisted_methods_by_receiver_type) if c}
+      when :send
+        # Sends are riskier so check a whitelist
+        receiver, method, *args = node.children
+        if receiver
+          if receiver.type == :send
+            key = receiver
+          else
+            key = receiver.type
+            validate_lack_of_side_effects(receiver, whitelisted_methods_by_receiver_type)
+          end
+
+          if !whitelisted_methods_by_receiver_type[key]&.include?(method)
+            raise ValidationError.new("Unexpected method #{method} called on #{receiver.inspect}")
+          end
+        end
+        args.each do |arg|
+          validate_lack_of_side_effects(arg, whitelisted_methods_by_receiver_type)
+        end
+      else
+        raise ValidationError.new("Unexpected node type #{node.type}: #{node.inspect}")
+      end
+    end
+
+    private_class_method def self.assert_equal(expected, actual)
+      if expected != actual
+        raise ValidationError.new("Expected #{expected}, got #{actual}")
+      end
+    end
+
+    # Method calls generated by SerdeTransform
+    private_class_method def self.whitelisted_methods_for_serialize
+      @whitelisted_methods_for_serialize ||= {
+        :lvar => %i{dup map transform_values transform_keys each_with_object nil? []= serialize},
+        :ivar => %i{dup map transform_values transform_keys each_with_object serialize},
+        :const => %i{checked_serialize deep_clone_object},
+      }
+    end
+
+    # Method calls generated by SerdeTransform
+    private_class_method def self.whitelisted_methods_for_deserialize
+      @whitelisted_methods_for_deserialize ||= {
+        :lvar => %i{dup map transform_values transform_keys each_with_object nil? []=},
+        :const => %i{deserialize from_hash deep_clone_object},
+      }
+    end
+  end
+end

data/lib/types/props/has_lazily_specialized_methods.rb

@@ -0,0 +1,90 @@
+# frozen_string_literal: true
+# typed: false
+
+module T::Props
+
+  # Helper for generating methods that replace themselves with a specialized
+  # version on first use. The main use case is when we want to generate a
+  # method using the full set of props on a class; we can't do that during
+  # prop definition because we have no way of knowing whether we are defining
+  # the last prop.
+  #
+  # See go/M8yrvzX2 (Stripe-internal) for discussion of security considerations.
+  # In outline, while `class_eval` is a bit scary, we believe that as long as
+  # all inputs are defined in version control (and this is enforced by calling
+  # `disable_lazy_evaluation!` appropriately), risk isn't significantly higher
+  # than with build-time codegen.
+  module HasLazilySpecializedMethods
+    extend T::Sig
+
+    class SourceEvaluationDisabled < RuntimeError
+      def initialize
+        super("Evaluation of lazily-defined methods is disabled")
+      end
+    end
+
+    # Disable any future evaluation of lazily-defined methods.
+    #
+    # This is intended to be called after startup but before interacting with
+    # the outside world, to limit attack surface for our `class_eval` use.
+    sig {void}
+    def self.disable_lazy_evaluation!
+      @lazy_evaluation_disabled ||= true
+    end
+
+    sig {returns(T::Boolean)}
+    def self.lazy_evaluation_enabled?
+      !@lazy_evaluation_disabled
+    end
+
+    module DecoratorMethods
+      extend T::Sig
+
+      sig {returns(T::Hash[Symbol, T.proc.returns(String)]).checked(:never)}
+      private def lazily_defined_methods
+        @lazily_defined_methods ||= {}
+      end
+
+      sig {params(name: Symbol).void}
+      private def eval_lazily_defined_method!(name)
+        if !HasLazilySpecializedMethods.lazy_evaluation_enabled?
+          raise SourceEvaluationDisabled.new
+        end
+
+        source = lazily_defined_methods.fetch(name).call
+
+        cls = decorated_class
+        cls.class_eval(source.to_s)
+        cls.send(:private, name)
+      end
+
+      sig {params(name: Symbol, blk: T.proc.returns(String)).void}
+      private def enqueue_lazy_method_definition!(name, &blk)
+        lazily_defined_methods[name] = blk
+
+        cls = decorated_class
+        cls.define_method(name) do |*args|
+          self.class.decorator.send(:eval_lazily_defined_method!, name)
+          send(name, *args)
+        end
+        cls.send(:private, name)
+      end
+
+      sig {void}
+      def eagerly_define_lazy_methods!
+        if !HasLazilySpecializedMethods.lazy_evaluation_enabled?
+          raise SourceEvaluationDisabled.new
+        elsif lazily_defined_methods.empty?
+          return
+        end
+
+        source = lazily_defined_methods.values.map(&:call).map(&:to_s).join("\n\n")
+
+        cls = decorated_class
+        cls.class_eval(source)
+        lazily_defined_methods.keys.each {|name| cls.send(:private, name)}
+        lazily_defined_methods.clear
+      end
+    end
+  end
+end

data/lib/types/props/private/deserializer_generator.rb

@@ -0,0 +1,140 @@
+# frozen_string_literal: true
+# typed: strict
+
+module T::Props
+  module Private
+
+    # Generates a specialized `deserialize` implementation for a subclass of
+    # T::Props::Serializable.
+    #
+    # The basic idea is that we analyze the props and for each prop, generate
+    # the simplest possible logic as a block of Ruby source, so that we don't
+    # pay the cost of supporting types like T:::Hash[CustomType, SubstructType]
+    # when deserializing a simple Integer. Then we join those together,
+    # with a little shared logic to be able to detect when we get input keys
+    # that don't match any prop.
+    module DeserializerGenerator
+      extend T::Sig
+
+      # Generate a method that takes a T::Hash[String, T.untyped] representing
+      # serialized props, sets instance variables for each prop found in the
+      # input, and returns the count of we props set (which we can use to check
+      # for unexpected input keys with minimal effect on the fast path).
+      sig do
+        params(
+          props: T::Hash[Symbol, T::Hash[Symbol, T.untyped]],
+          defaults: T::Hash[Symbol, T::Props::Private::ApplyDefault],
+        )
+        .returns(String)
+        .checked(:never)
+      end
+      def self.generate(props, defaults)
+        stored_props = props.reject {|_, rules| rules[:dont_store]}
+        parts = stored_props.map do |prop, rules|
+          # All of these strings should already be validated (directly or
+          # indirectly) in `validate_prop_name`, so we don't bother with a nice
+          # error message, but we double check here to prevent a refactoring
+          # from introducing a security vulnerability.
+          raise unless T::Props::Decorator::SAFE_NAME.match?(prop.to_s)
+
+          hash_key = rules.fetch(:serialized_form)
+          raise unless T::Props::Decorator::SAFE_NAME.match?(hash_key)
+
+          ivar_name = rules.fetch(:accessor_key).to_s
+          raise unless ivar_name.start_with?('@') && T::Props::Decorator::SAFE_NAME.match?(ivar_name[1..-1])
+
+          transformed_val = SerdeTransform.generate(
+            T::Utils::Nilable.get_underlying_type_object(rules.fetch(:type_object)),
+            SerdeTransform::Mode::DESERIALIZE,
+            'val'
+          ) || 'val'
+
+          nil_handler = generate_nil_handler(
+            prop: prop,
+            serialized_form: hash_key,
+            default: defaults[prop],
+            nilable_type: T::Props::Utils.optional_prop?(rules),
+            raise_on_nil_write: !!rules[:raise_on_nil_write],
+          )
+
+          <<~RUBY
+            val = hash[#{hash_key.inspect}]
+            #{ivar_name} = if val.nil?
+              found -= 1 unless hash.key?(#{hash_key.inspect})
+              #{nil_handler}
+            else
+              #{transformed_val}
+            end
+          RUBY
+        end
+
+        <<~RUBY
+          def __t_props_generated_deserialize(hash)
+            found = #{stored_props.size}
+            #{parts.join("\n\n")}
+            found
+          end
+        RUBY
+      end
+
+      # This is very similar to what we do in ApplyDefault, but has a few
+      # key differences that mean we don't just re-use the code:
+      #
+      # 1. Where the logic in construction is that we generate a default
+      #    if & only if the prop key isn't present in the input, here we'll
+      #    generate a default even to override an explicit nil, but only
+      #    if the prop is actually required.
+      # 2. Since we're generating raw Ruby source, we can remove a layer
+      #    of indirection for marginally better performance; this seems worth
+      #    it for the common cases of literals and empty arrays/hashes.
+      # 3. We need to care about the distinction between `raise_on_nil_write`
+      #    and actually non-nilable, where new-instance construction doesn't.
+      #
+      # So we fall back to ApplyDefault only when one of the cases just
+      # mentioned doesn't apply.
+      sig do
+        params(
+          prop: Symbol,
+          serialized_form: String,
+          default: T.nilable(ApplyDefault),
+          nilable_type: T::Boolean,
+          raise_on_nil_write: T::Boolean,
+        )
+        .returns(String)
+        .checked(:never)
+      end
+      private_class_method def self.generate_nil_handler(
+        prop:,
+        serialized_form:,
+        default:,
+        nilable_type:,
+        raise_on_nil_write:
+      )
+        if !nilable_type
+          case default
+          when NilClass
+            "self.class.decorator.raise_nil_deserialize_error(#{serialized_form.inspect})"
+          when ApplyPrimitiveDefault
+            literal = default.default
+            case literal
+            when String, Integer, Symbol, Float, TrueClass, FalseClass, NilClass
+              literal.inspect
+            else
+              "self.class.decorator.props_with_defaults.fetch(#{prop.inspect}).default"
+            end
+          when ApplyEmptyArrayDefault
+            '[]'
+          when ApplyEmptyHashDefault
+            '{}'
+          else
+            "self.class.decorator.props_with_defaults.fetch(#{prop.inspect}).default"
+          end
+        elsif raise_on_nil_write
+          "required_prop_missing_from_deserialize(#{prop.inspect})"
+        else
+          'nil'
+        end
+      end
+    end
+  end
+end

data/lib/types/props/private/parser.rb

@@ -0,0 +1,32 @@
+# frozen_string_literal: true
+# typed: false
+
+module T::Props
+  module Private
+    module Parse
+      def parse(source)
+        @current_ruby ||= require_parser(:CurrentRuby)
+        @current_ruby.parse(source)
+      end
+
+      def s(type, *children)
+        @node ||= require_parser(:AST, :Node)
+        @node.new(type, children)
+      end
+
+      private def require_parser(*constants)
+        # This is an optional dependency for sorbet-runtime in general,
+        # but is required here
+        require 'parser/current'
+
+        # Hack to work around the static checker thinking the constant is
+        # undefined
+        cls = Kernel.const_get(:Parser, true)
+        while (const = constants.shift)
+          cls = cls.const_get(const, false)
+        end
+        cls
+      end
+    end
+  end
+end

data/lib/types/props/private/serde_transform.rb

@@ -0,0 +1,131 @@
+# frozen_string_literal: true
+# typed: strict
+
+module T::Props
+  module Private
+    module SerdeTransform
+      extend T::Sig
+
+      class Mode < T::Enum
+        enums do
+          SERIALIZE = new
+          DESERIALIZE = new
+        end
+      end
+
+      NO_TRANSFORM_TYPES = T.let(
+        [TrueClass, FalseClass, NilClass, Symbol, String, Numeric].freeze,
+        T::Array[Module],
+      )
+      private_constant :NO_TRANSFORM_TYPES
+
+      sig do
+        params(
+          type: T.any(T::Types::Base, Module),
+          mode: Mode,
+          varname: String,
+        )
+        .returns(T.nilable(String))
+        .checked(:never)
+      end
+      def self.generate(type, mode, varname)
+        case type
+        when T::Types::TypedArray
+          inner = generate(type.type, mode, 'v')
+          if inner.nil?
+            "#{varname}.dup"
+          else
+            "#{varname}.map {|v| #{inner}}"
+          end
+        when T::Types::TypedSet
+          inner = generate(type.type, mode, 'v')
+          if inner.nil?
+            "#{varname}.dup"
+          else
+            "Set.new(#{varname}) {|v| #{inner}}"
+          end
+        when T::Types::TypedHash
+          keys = generate(type.keys, mode, 'k')
+          values = generate(type.values, mode, 'v')
+          if keys && values
+            "#{varname}.each_with_object({}) {|(k,v),h| h[#{keys}] = #{values}}"
+          elsif keys
+            "#{varname}.transform_keys {|k| #{keys}}"
+          elsif values
+            "#{varname}.transform_values {|v| #{values}}"
+          else
+            "#{varname}.dup"
+          end
+        when T::Types::Simple
+          raw = type.raw_type
+          if NO_TRANSFORM_TYPES.any? {|cls| raw <= cls}
+            nil
+          elsif raw < T::Props::Serializable
+            handle_serializable_subtype(varname, raw, mode)
+          elsif raw.singleton_class < T::Props::CustomType
+            handle_custom_type(varname, T.unsafe(raw), mode)
+          else
+            "T::Props::Utils.deep_clone_object(#{varname})"
+          end
+        when T::Types::Union
+          non_nil_type = T::Utils.unwrap_nilable(type)
+          if non_nil_type
+            inner = generate(non_nil_type, mode, varname)
+            if inner.nil?
+              nil
+            else
+              "#{varname}.nil? ? nil : #{inner}"
+            end
+          else
+            "T::Props::Utils.deep_clone_object(#{varname})"
+          end
+        when T::Types::Enum
+          generate(T::Utils.lift_enum(type), mode, varname)
+        else
+          if type.singleton_class < T::Props::CustomType
+            # Sometimes this comes wrapped in a T::Types::Simple and sometimes not
+            handle_custom_type(varname, T.unsafe(type), mode)
+          else
+            "T::Props::Utils.deep_clone_object(#{varname})"
+          end
+        end
+      end
+
+      sig {params(varname: String, type: Module, mode: Mode).returns(String).checked(:never)}
+      private_class_method def self.handle_serializable_subtype(varname, type, mode)
+        case mode
+        when Mode::SERIALIZE
+          "#{varname}.serialize(strict)"
+        when Mode::DESERIALIZE
+          type_name = T.must(module_name(type))
+          "#{type_name}.from_hash(#{varname})"
+        else
+          T.absurd(mode)
+        end
+      end
+
+      sig {params(varname: String, type: Module, mode: Mode).returns(String).checked(:never)}
+      private_class_method def self.handle_custom_type(varname, type, mode)
+        case mode
+        when Mode::SERIALIZE
+          type_name = T.must(module_name(type))
+          "T::Props::CustomType.checked_serialize(#{type_name}, #{varname})"
+        when Mode::DESERIALIZE
+          type_name = T.must(module_name(type))
+          "#{type_name}.deserialize(#{varname})"
+        else
+          T.absurd(mode)
+        end
+      end
+
+      # Guard against overrides of `name` or `to_s`
+      MODULE_NAME = T.let(Module.instance_method(:name), UnboundMethod)
+      private_constant :MODULE_NAME
+
+      sig {params(type: Module).returns(T.nilable(String)).checked(:never)}
+      private_class_method def self.module_name(type)
+        MODULE_NAME.bind(type).call
+      end
+    end
+  end
+end

data/lib/types/props/private/serializer_generator.rb

@@ -0,0 +1,77 @@
+# frozen_string_literal: true
+# typed: strict
+
+module T::Props
+  module Private
+
+    # Generates a specialized `serialize` implementation for a subclass of
+    # T::Props::Serializable.
+    #
+    # The basic idea is that we analyze the props and for each prop, generate
+    # the simplest possible logic as a block of Ruby source, so that we don't
+    # pay the cost of supporting types like T:::Hash[CustomType, SubstructType]
+    # when serializing a simple Integer. Then we join those together,
+    # with a little shared logic to be able to detect when we get input keys
+    # that don't match any prop.
+    module SerializerGenerator
+      extend T::Sig
+
+      sig do
+        params(
+          props: T::Hash[Symbol, T::Hash[Symbol, T.untyped]],
+        )
+        .returns(String)
+        .checked(:never)
+      end
+      def self.generate(props)
+        stored_props = props.reject {|_, rules| rules[:dont_store]}
+        parts = stored_props.map do |prop, rules|
+          # All of these strings should already be validated (directly or
+          # indirectly) in `validate_prop_name`, so we don't bother with a nice
+          # error message, but we double check here to prevent a refactoring
+          # from introducing a security vulnerability.
+          raise unless T::Props::Decorator::SAFE_NAME.match?(prop.to_s)
+
+          hash_key = rules.fetch(:serialized_form)
+          raise unless T::Props::Decorator::SAFE_NAME.match?(hash_key)
+
+          ivar_name = rules.fetch(:accessor_key).to_s
+          raise unless ivar_name.start_with?('@') && T::Props::Decorator::SAFE_NAME.match?(ivar_name[1..-1])
+
+          transformed_val = SerdeTransform.generate(
+            T::Utils::Nilable.get_underlying_type_object(rules.fetch(:type_object)),
+            SerdeTransform::Mode::SERIALIZE,
+            ivar_name
+          ) || ivar_name
+
+          nil_asserter =
+            if rules[:fully_optional]
+              ''
+            else
+              "required_prop_missing_from_serialize(#{prop.inspect}) if strict"
+            end
+
+          # Don't serialize values that are nil to save space (both the
+          # nil value itself and the field name in the serialized BSON
+          # document)
+          <<~RUBY
+            if #{ivar_name}.nil?
+              #{nil_asserter}
+            else
+              h[#{hash_key.inspect}] = #{transformed_val}
+            end
+          RUBY
+        end
+
+        <<~RUBY
+          def __t_props_generated_serialize(strict)
+            h = {}
+            #{parts.join("\n\n")}
+            h
+          end
+        RUBY
+      end
+    end
+  end
+end
+

data/lib/types/props/serializable.rb

@@ -16,96 +16,18 @@ module T::Props::Serializable
   #   values.
   # @return [Hash] A serialization of this object.
   def serialize(strict=true)
-    decorator = self.class.decorator
-    h = {}
-
-    decorator.props.each do |prop, rules|
-      hkey = rules[:serialized_form]
-
-      val = decorator.get(self, prop, rules)
-
-      if val.nil? && strict && !rules[:fully_optional]
-        # If the prop was already missing during deserialization, that means the application
-        # code already had to deal with a nil value, which means we wouldn't be accomplishing
-        # much by raising here (other than causing an unnecessary breakage).
-        if self.required_prop_missing_from_deserialize?(prop)
-          T::Configuration.log_info_handler(
-            "chalk-odm: missing required property in serialize",
-            prop: prop, class: self.class.name, id: decorator.get_id(self)
-          )
-        else
-          raise T::Props::InvalidValueError.new("#{self.class.name}.#{prop} not set for non-optional prop")
-        end
-      end
-
-      # Don't serialize values that are nil to save space (both the
-      # nil value itself and the field name in the serialized BSON
-      # document)
-      next if rules[:dont_store] || val.nil?
-
-      if rules[:serializable_subtype]
-        if rules[:type_is_serializable]
-          val = val.serialize(strict)
-        elsif rules[:type_is_array_of_serializable]
-          if (subtype = rules[:serializable_subtype]).is_a?(T::Props::CustomType)
-            val = val.map {|el| el && subtype.serialize(el)}
-          else
-            val = val.map {|el| el && el.serialize(strict)}
-          end
-        elsif rules[:type_is_hash_of_serializable_values] && rules[:type_is_hash_of_custom_type_keys]
-          key_subtype = rules[:serializable_subtype][:keys]
-          value_subtype = rules[:serializable_subtype][:values]
-          if value_subtype.is_a?(T::Props::CustomType)
-            val = val.each_with_object({}) do |(key, value), result|
-              result[key_subtype.serialize(key)] = value && value_subtype.serialize(value)
-            end
-          else
-            val = val.each_with_object({}) do |(key, value), result|
-              result[key_subtype.serialize(key)] = value && value.serialize(strict)
-            end
-          end
-        elsif rules[:type_is_hash_of_serializable_values]
-          value_subtype = rules[:serializable_subtype]
-          if value_subtype.is_a?(T::Props::CustomType)
-            val = val.transform_values {|v| v && value_subtype.serialize(v)}
-          else
-            val = val.transform_values {|v| v && v.serialize(strict)}
-          end
-        elsif rules[:type_is_hash_of_custom_type_keys]
-          key_subtype = rules[:serializable_subtype]
-          val = val.each_with_object({}) do |(key, value), result|
-            result[key_subtype.serialize(key)] = value
-          end
-        end
-      elsif rules[:type_is_custom_type]
-        val = rules[:type].serialize(val)
-
-        unless T::Props::CustomType.valid_serialization?(val, rules[:type])
-          msg = "#{rules[:type]} did not serialize to a valid scalar type. It became a: #{val.class}"
-          if val.is_a?(Hash)
-            msg += "\nIf you want to store a structured Hash, consider using a T::Struct as your type."
-          end
-          raise T::Props::InvalidValueError.new(msg)
-        end
-      end
-
-      needs_clone = rules[:type_needs_clone]
-      if needs_clone
-        if needs_clone == :shallow
-          val = val.dup
-        else
-          val = T::Props::Utils.deep_clone_object(val)
-        end
-      end
-
-      h[hkey] = val
-    end
-
+    h = __t_props_generated_serialize(strict)
     h.merge!(@_extra_props) if @_extra_props
-
     h
   end
 
+  private def __t_props_generated_serialize(strict)
+    # No-op; will be overridden if there are any props.
+    #
+    # To see the definition for class `Foo`, run `Foo.decorator.send(:generate_serialize_source)`
+    {}
+  end
+
   # Populates the property values on this object with the values
   # from a hash. In general, prefer to use {.from_hash} to construct
   # a new instance, instead of loading into an existing instance.
@@ -117,105 +39,28 @@ module T::Props::Serializable
   #  props on this instance.
   # @return [void]
   def deserialize(hash, strict=false)
-    decorator = self.class.decorator
-
-    matching_props = 0
-
-    decorator.props.each do |p, rules|
-      hkey = rules[:serialized_form]
-      val = hash[hkey]
-      if val.nil?
-        if T::Props::Utils.required_prop?(rules)
-          val = decorator.get_default(rules, self.class)
-          if val.nil?
-            msg = "Tried to deserialize a required prop from a nil value. It's "\
-              "possible that a nil value exists in the database, so you should "\
-              "provide a `default: or factory:` for this prop (see go/optional "\
-              "for more details). If this is already the case, you probably "\
-              "omitted a required prop from the `fields:` option when doing a "\
-              "partial load."
-            storytime = {prop: hkey, klass: self.class.name}
-
-            # Notify the model owner if it exists, and always notify the API owner.
-            begin
-              if defined?(Opus) && defined?(Opus::Ownership) && decorator.decorated_class < Opus::Ownership
-                T::Configuration.hard_assert_handler(
-                  msg,
-                  storytime: storytime,
-                  project: decorator.decorated_class.get_owner
-                )
-              end
-            ensure
-              T::Configuration.hard_assert_handler(msg, storytime: storytime)
-            end
-          end
-        elsif rules[:need_nil_read_check]
-          self.required_prop_missing_from_deserialize(p)
-        end
-
-        matching_props += 1 if hash.key?(hkey)
-      else
-        if (subtype = rules[:serializable_subtype])
-          val =
-            if rules[:type_is_array_of_serializable]
-              if subtype.is_a?(T::Props::CustomType)
-                val.map {|el| el && subtype.deserialize(el)}
-              else
-                val.map {|el| el && subtype.from_hash(el)}
-              end
-            elsif rules[:type_is_hash_of_serializable_values] && rules[:type_is_hash_of_custom_type_keys]
-              key_subtype = subtype[:keys]
-              values_subtype = subtype[:values]
-              if values_subtype.is_a?(T::Props::CustomType)
-                val.each_with_object({}) do |(key, value), result|
-                  result[key_subtype.deserialize(key)] = value && values_subtype.deserialize(value)
-                end
-              else
-                val.each_with_object({}) do |(key, value), result|
-                  result[key_subtype.deserialize(key)] = value && values_subtype.from_hash(value)
-                end
-              end
-            elsif rules[:type_is_hash_of_serializable_values]
-              if subtype.is_a?(T::Props::CustomType)
-                val.transform_values {|v| v && subtype.deserialize(v)}
-              else
-                val.transform_values {|v| v && subtype.from_hash(v)}
-              end
-            elsif rules[:type_is_hash_of_custom_type_keys]
-              val.map do |key, value|
-                [subtype.deserialize(key), value]
-              end.to_h
-            else
-              subtype.from_hash(val)
-            end
-        elsif (needs_clone = rules[:type_needs_clone])
-          val =
-            if needs_clone == :shallow
-              val.dup
-            else
-              T::Props::Utils.deep_clone_object(val)
-            end
-        elsif rules[:type_is_custom_type]
-          val = rules[:type].deserialize(val)
+    hash_keys_matching_props = __t_props_generated_deserialize(hash)
+    if hash.size > hash_keys_matching_props
+      serialized_forms = self.class.decorator.prop_by_serialized_forms
+      extra = hash.reject {|k, _| serialized_forms.key?(k)}
+
+      # `extra` could still be empty here if the input matches a `dont_store` prop;
+      # historically, we just ignore those
+      if !extra.empty?
+        if strict
+          raise "Unknown properties for #{self.class.name}: #{extra.keys.inspect}"
+        else
+          @_extra_props = extra
         end
-
-        matching_props += 1
       end
-
-      self.instance_variable_set(rules[:accessor_key], val) # rubocop:disable PrisonGuard/NoLurkyInstanceVariableAccess
     end
+  end
 
-    # We compute extra_props this way specifically for performance
-    if matching_props < hash.size
-      pbsf = decorator.prop_by_serialized_forms
-      h = hash.reject {|k, _| pbsf.key?(k)}
-
-      if strict
-        raise "Unknown properties for #{self.class.name}: #{h.keys.inspect}"
-      else
-        @_extra_props = h
-      end
-    end
+  private def __t_props_generated_deserialize(hash)
+    # No-op; will be overridden if there are any props.
+    #
+    # To see the definition for class `Foo`, run `Foo.decorator.send(:generate_deserialize_source)`
+    0
   end
 
   # with() will clone the old object to the new object and merge the specified props to the new object.
@@ -254,14 +99,23 @@ module T::Props::Serializable
     new_val
   end
 
-  # @return [T::Boolean] Was this property missing during deserialize?
-  def required_prop_missing_from_deserialize?(prop)
-    return false if @_required_props_missing_from_deserialize.nil?
-    @_required_props_missing_from_deserialize.include?(prop)
+  # Asserts if this property is missing during strict serialize
+  private def required_prop_missing_from_serialize(prop)
+    if @_required_props_missing_from_deserialize&.include?(prop)
+      # If the prop was already missing during deserialization, that means the application
+      # code already had to deal with a nil value, which means we wouldn't be accomplishing
+      # much by raising here (other than causing an unnecessary breakage).
+      T::Configuration.log_info_handler(
+        "chalk-odm: missing required property in serialize",
+        prop: prop, class: self.class.name, id: self.class.decorator.get_id(self)
+      )
+    else
+      raise T::Props::InvalidValueError.new("#{self.class.name}.#{prop} not set for non-optional prop")
+    end
   end
 
-  # @return Marks this property as missing during deserialize
-  def required_prop_missing_from_deserialize(prop)
+  # Marks this property as missing during deserialize
+  private def required_prop_missing_from_deserialize(prop)
     @_required_props_missing_from_deserialize ||= Set[]
     @_required_props_missing_from_deserialize << prop
     nil
@@ -274,6 +128,7 @@ end
 # NB: This must stay in the same file where T::Props::Serializable is defined due to
 # T::Props::Decorator#apply_plugin; see https://git.corp.stripe.com/stripe-internal/pay-server/blob/fc7f15593b49875f2d0499ffecfd19798bac05b3/chalk/odm/lib/chalk-odm/document_decorator.rb#L716-L717
 module T::Props::Serializable::DecoratorMethods
+  include T::Props::HasLazilySpecializedMethods::DecoratorMethods
 
   VALID_RULE_KEYS = {dont_store: true, name: true, raise_on_nil_write: true}.freeze
   private_constant :VALID_RULE_KEYS
@@ -310,9 +165,45 @@ module T::Props::Serializable::DecoratorMethods
     rules[:serialized_form] = rules.fetch(:name, prop.to_s)
     res = super
     prop_by_serialized_forms[rules[:serialized_form]] = prop
+    enqueue_lazy_method_definition!(:__t_props_generated_serialize) {generate_serialize_source}
+    enqueue_lazy_method_definition!(:__t_props_generated_deserialize) {generate_deserialize_source}
     res
   end
 
+  private def generate_serialize_source
+    T::Props::Private::SerializerGenerator.generate(props)
+  end
+
+  private def generate_deserialize_source
+    T::Props::Private::DeserializerGenerator.generate(
+      props,
+      props_with_defaults || {},
+    )
+  end
+
+  def raise_nil_deserialize_error(hkey)
+    msg = "Tried to deserialize a required prop from a nil value. It's "\
+      "possible that a nil value exists in the database, so you should "\
+      "provide a `default: or factory:` for this prop (see go/optional "\
+      "for more details). If this is already the case, you probably "\
+      "omitted a required prop from the `fields:` option when doing a "\
+      "partial load."
+    storytime = {prop: hkey, klass: decorated_class.name}
+
+    # Notify the model owner if it exists, and always notify the API owner.
+    begin
+      if defined?(Opus) && defined?(Opus::Ownership) && decorated_class < Opus::Ownership
+        T::Configuration.hard_assert_handler(
+          msg,
+          storytime: storytime,
+          project: decorated_class.get_owner
+        )
+      end
+    ensure
+      T::Configuration.hard_assert_handler(msg, storytime: storytime)
+    end
+  end
+
   def prop_validate_definition!(name, cls, rules, type)
     result = super
 

data/lib/types/utils.rb

@@ -151,6 +151,21 @@ module T::Utils
     "#{start_part}#{ellipsis}#{end_part}"
   end
 
+  def self.lift_enum(enum)
+    unless enum.is_a?(T::Types::Enum)
+      raise ArgumentError.new("#{enum.inspect} is not a T.enum")
+    end
+
+    classes = enum.values.map(&:class).uniq
+    if classes.empty?
+      T.untyped
+    elsif classes.length > 1
+      T::Types::Union.new(classes)
+    else
+      T::Types::Simple.new(classes.first)
+    end
+  end
+
   module Nilable
     # :is_union_type, T::Boolean: whether the type is an T::Types::Union type
     # :non_nilable_type, Class: if it is an T.nilable type, the corresponding underlying type; otherwise, nil.

metadata

@@ -1,14 +1,14 @@
 --- !ruby/object:Gem::Specification
 name: sorbet-runtime
 version: !ruby/object:Gem::Version
-  version: 0.5.5413
+  version: 0.5.5417
 platform: ruby
 authors:
 - Stripe
 autorequire: 
 bindir: bin
 cert_chain: []
-date: 2020-03-04 00:00:00.000000000 Z
+date: 2020-03-05 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: minitest
@@ -94,6 +94,20 @@ dependencies:
     - - ">="
       - !ruby/object:Gem::Version
         version: '0'
+- !ruby/object:Gem::Dependency
+  name: parser
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: '2.7'
+  type: :development
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: '2.7'
 description: Sorbet's runtime type checking component
 email: 
 executables: []
@@ -137,10 +151,16 @@ files:
 - lib/types/props/custom_type.rb
 - lib/types/props/decorator.rb
 - lib/types/props/errors.rb
+- lib/types/props/generated_code_validation.rb
+- lib/types/props/has_lazily_specialized_methods.rb
 - lib/types/props/optional.rb
 - lib/types/props/plugin.rb
 - lib/types/props/pretty_printable.rb
 - lib/types/props/private/apply_default.rb
+- lib/types/props/private/deserializer_generator.rb
+- lib/types/props/private/parser.rb
+- lib/types/props/private/serde_transform.rb
+- lib/types/props/private/serializer_generator.rb
 - lib/types/props/private/setter_factory.rb
 - lib/types/props/serializable.rb
 - lib/types/props/type_validation.rb