-1

Java finally supports string interpolation! I'm very happy about it. However, the syntax seems to me a bit clumsy

// string templating syntax from Java 23

String greeting = STR."Hello \{name}!";

Specifically, I have doubts about the necessity of that STR prefix which adds as many as four extra characters (counting the dot). Besides, it looks like I'm querying some unusual static property on a global STR object which adds to the confusion

It's clear that for the back compatibility reasons, it couldn't be just "Hello \{name}!" as there could theoretically be a literal string "{name}" somewhere in existing Java code. However, there are solutions from other languages that seem to address that better

  1. Backticks, a-la JS (they could use triple backticks for text blocks). Adds zero extra characters
String greeting = `Hello, \{name}!`;
  1. Dollar signs, a-la C#. Adds one extra character
String greeting = $"Hello, \{name}!";

What forces drove Java creators to use STR. instead?

Improve this question
2
  • 4
    Questions like "Why did the devs do X?" are not suited for SO as they can only attract opinionated answers and are therefore not answerable. Such a question is better directed at the devs themselves, as we cannot know why they made that decision. Commented May 4, 2024 at 9:05
  • 3
    Normally I'd agree with the above, but the Java Enhancement Process (JEP) is where this kind of thing is documented. See openjdk.org/jeps/1. Commented May 4, 2024 at 9:25

1 Answer 1

Reset to default
6

The rationale is provided by JEP 430. It acknowledges the convenience of string interpolation, with, e.g. a $ like in your example, but goes on to say that security is a big reason for not doing interpolation. Quoting from the JEP:

Unfortunately, the convenience of interpolation has a downside: It is easy to construct strings that will be interpreted by other systems but which are dangerously incorrect in those systems.

The obvious example is interpolation in SQL statements.

The next section of the JEP, "Can we do better?" says

For Java, we would like to have a string composition feature that achieves the clarity of interpolation but achieves a safer result out-of-the-box, perhaps trading off a small amount of convenience to gain a large amount of safety.

Note that string templates are a preview feature in Java 21 and 22 (JEP 459 for Java 22) and are going to be dropped in Java 23: https://bugs.openjdk.org/browse/JDK-8329949.

Improve this answer
Sign up to request clarification or add additional context in comments.

9 Comments

Thank you! What about backticks?
Again, that's another form of interpolation and the JEP gives several examples from different languages. The templating works differently - read the JEP for the details.
@Powet what about em? The central thesis of JEP430 is: "Shoving user-provided (i.e. potentially harmful) data into strings is asking for massive security leaks unless some sort of hygiene is applied; the hygine that must be applied depends on context that cannot be gleaned from the string, therefore, it is REQUIRED that any string interpolation construct in a source file somehow includes information about what hygiene is required to make it safe. In other words, a parameter is necessary. backticks don't provide any opportunity to add this parameter.
@Powet a common theme is 'but other languages do it this way' which isn't an argument that sways OpenJDK and shouldn't be an argument that sways you. Who cares that most other languages sprinted off the cliff and died? That's not a sound argument to also run off the cliff. The STR in STR."template here" is that 'what hygiene should be applied?' parameter. Sure, you can replace the quotes with backticks, but you can't get rid of STR without going kersplat off that cliff.
@Powet note that what you've described in your question is old news. The last state of the proposal before it was yanked entirely (as ndc85430 wrote, it has been retracted for now. I am disappointed that it has been, the proposal was fantastic) is that string templates look like $"foo.\{whatever}" and do not produce a string. You MUST feed these to a method that does something with it. That 'selects' the hygiene. E.g. escapers.html("Hello, <em>\{username}</em>").
|

Start asking to get answers

Find the answer to your question by asking.

Ask question

Explore related questions

See similar questions with these tags.