After reading the proposal more carefully, I realized that there are element finishers in addition to class finishers. Assuming that this feature is likely to stay in the proposal (which I hope it is), I propose adding an example to METAPROGRAMMING.MD.

I can submit a PR for this, I just wanted to post this issue first to verify that I understand correctly and that finisher is indeed one of the valid properties you can set on the element descriptor object that you return. I was thinking I'd use the @readonly decorator I mentioned in #55 as the example:

class User {
  @readonly id
  ...

  constructor(id = null) {
    this.id = id
  }
}

function readonly(elementDecriptor) {
    elementDecriptor.finisher = () => {
        elementDecriptor.descriptor.writable = false
    }
    return elementDecriptor
}

For now I can keep my PR limited to METAPROGRAMMING.MD; I assume it's ok to include an additional example there that isn't necessarily in the readme file.

I was also wondering about this section of the metaprogramming guide:

{
  kind: "method" or "field"
  key: String, Symbol or Private Name,
  placement: "static", "prototype" or "own",
  descriptor: Property Descriptor (argument to Object.defineProperty),
}

Would it be accurate to include initializer and finisher in that list as well? Or are those only properties that you can return, not properties that are necessarily already included in the object that gets passed in? I wasn't sure if maybe the object already includes those properties but they're just undefined by default. (And in the case of initializers I'm guessing that if you initialize your field with something like class MyClass { x = 1 } that it would already have an initializer setting the value to 1 that your decorator could override/extend if it wanted to.)

Example of why this would be expected to occur: If a finisher were to be used to implement a static field (e.g., a static private field), it may want to evaluate its initializer thunk. If this happens, you'd expect all of the static field initializers to be run in top-to-bottom order.

Currently, though, all finishers run after all class field initializers. This doesn't come from @wycats and @bterlson 's decorators spec; it is just an artifact of how I combined decorators with fields. Should they be interspersed? For example, the logic could be,

For each class element,
  Run its initializer, if it exists
  Run the class element's finishers (finishers added by inner decorators before outer ones)
Run the class finishers

The current semantics for the PrivateName Object can result in decorators that leak shared custom PrivateName values, breaking "hard privacy". For example:

// a.js
const sharedPrivateName = new PrivateName("shared");
export function dec(desc) {
  desc.elements.push({ 
    kind: "field", 
    placement: "own", 
    key: sharedPrivateName 
  });
  desc.elements.push({
    kind: "method",
    key: "setPrivateData",
    placement: "prototype",
    descriptor: {
      value: function(data) {
        sharedPrivateName.set(this, data);
      }
    }
  });
  return desc;
}

// b.js
import { dec } from "./a.js";

// apply the decorator, adds `sharedPrivateName` to `C`
@dec
class C {
}

// leak the private name
const desc = { kind: "class", elements: [] };
dec(desc);
const leakedPrivateName = desc.elements[0].key;

// demonstrate leak
const obj = new C();
obj.setPrivateData("private data"); // method attached by decorator

const privateData = leakedPrivateName.get(obj);
privateData; // "private data";

One possible approach to avoid this is to break PrivateName into two parts: a property "mutator" and an opaque "key". For example:

interface PrivateName {
  key;
  get(obj);
  set(obj, value);
}

Then the decorator above could be rewritten:

// a.js
const sharedPrivateName = new PrivateName("shared");
export function dec(desc) {
  desc.elements.push({ 
    kind: "field", 
    placement: "own", 
    key: sharedPrivateName.key // only send opaque key
  });
  desc.elements.push({
    kind: "method",
    key: "setPrivateData",
    placement: "prototype",
    descriptor: {
      value: function(data) {
        sharedPrivateName.set(this, data); // uses mutator
      }
    }
  });
  return desc;
}

While this still results in a key that could be added to any object, it prevents an untrusted third party from reading or writing to that state.

1. Above the example for defineElement et al, you have the sentence:

   For example, the above three decorators could be defined as follows:

   I think you mean for this to refer back to the examples in README.md, as they are not defined in this file.

2. The first line of the following example has:

   import "decorators" as decorators

   I think you mean this:

   import * as decorators from "decorators"

3. If PrivateName is only accessible from the "decorators" built-in module, then how can scripts leverage this feature?

4. In your example for bound, you have:

   if (placement == "prototype") placement = "instance";

   However, in the preceding definition of a class element, you have:

   placement: "static", "prototype", or "own",

5. You have the same issue as (4) in the definition of observed:

   assert(placement == "instance")

Previous discussion: tc39/proposal-decorators-previous#23

Is this OK to leave for v2?

The current wording for DecorateClass puts "extras" elements at the end, after all the syntactically provided elements, in the order of the elements. This is visible in two ways:

• If there are multiple field declarations involved, the initializer for one will see whether the other has been added.
• In the ordering of the property descriptors, if you use some obscure metaprogramming APIs.

However, the spec by @wycats and @bterlson puts extras right after the element that it was created for (see steps 23-24).

Given that this is observable, we should get it right. I'm thinking of reverting to the previous semantics.

See tc39/proposal-decorators-previous#45

Leaving for v2.

The decorators proposal seems like a useful concept, but I don't see the reason for introducing new tokens like # and @.

In my opinion, it would be much better to use some old tokens for these class properties (for example / or ^ or anything which would throw a syntax error if decorators are not implemented). It will make it much easier to maintain the code readable. Why would we introduce new tokens, while we have a lot of old tokens that are currently forbidden in such context.

This specification is intended to be an update on the decorators proposal. I've been working on the champions of that proposal on it, and it seemed to be well-received at the last TC39 meeting. However, it is in a different location, which leads to confusion from people who are prototyping decorators. Maybe these contents should be moved there, e.g., with a PR.

cc @wycats @bterlson

The repo description links to https://littledan.github.io/ which results in 404.

At the January 2018 TC39 meeting, during the decorators presentation, the committee discussed a possible decorators standard library.

Would it make sense to sketch out, at an explainer level, what such a library might contain? Or, are we entirely content with leaving this to ecosystem-level solutions (e.g., core-decorators)?

At the time, some people in committee seemed to be advocating for a decorators standard library to be part of the this proposal, while others were suggesting that it would make more sense to wait until decorators are shipped for a while and see what JavaScript programmers find useful for themselves.

A compromise might be to aim to develop a Stage 1 proposal for a decorator standard library while this decorators proposal is at Stage 2 or 3. Even if it stays at Stage 1 for a while, such a standard library might be a useful design for polyfills and gain usage organically that way.

https://herbsutter.files.wordpress.com/2017/07/p0707r1.pdf

It seems that this approach has a lot in common with the current "class decorators" approach, from my brief skimming of the updated markdown documents in this repository. It might be worth doing a careful study to see if there are interesting elements from that paper that we could learn from, or borrow, or that we aren't covering with class decorators.

Obviously the setting is very different (compile-time vs. runtime). But I think the effect is similar. And I was struck by the examples that paper presents (new "types" of classes, e.g. interface, "ordered type", "value type", etc.) which are very different from the @defineElement() example in this repository. Indeed, that paper makes me wonder if class decorators are general enough to replace other possible proposals (e.g. the traits-like protocol/interface proposal).

First of all, thank you for putting the proposal together.

Small bug to be fixed:

• This is how descriptors are presented in METAPROGRAMMING.md:

  {
    kind: "method" or "field"
    key: String, Symbol or Private Name,
    placement: "static", "prototype" or "own",
    descriptor: Property Descriptor (argument to Object.defineProperty),
  }

• Later on placement is not used. Instead of it isStatic is used in several places:

  memberDescriptor.extras = [{
    kind: "field",
    // The initializer callback is called with the receiver set to the new instance
    initializer() { return descriptor.value.bind(this); },
    descriptor,
    isStatic,
  }];

The intend is clear to me, but probably it should be fixed anyway.

The current decorators proposal gives decorators the ability to manipulate the writability of private fields and methods. Enumerability and configurability don't quite make sense for private fields (it can't be enumerable if it's private, and delete is a syntax error), but writability works.

From advice from @bakkot, this proposal does allow decorators to manipulate the writability of private fields and methods, since there was no reason not to. But at the same time, I don't have much of a use case for this manipulation in mind. Given that there are a number of lines of spec text prohibiting property descriptors in certain states, it wouldn't be so out of the ordinary to prohibit this.

I don't have a strong reason to go either way. Any opinions?

Right now, the only way to tell if a class descriptor, method descriptor or field descriptor is that or another object is to read its properties and see if it kinda looks like a descriptor (e.g., does it have a type property). To make overloading easier and more reliable, we should brand them. We can do this through an own @@toStringTag property that identifies these as "Class Descriptor", "Method Descriptor" and "Field Descriptor". This should resolve tc39/proposal-decorators-previous#24 .

I need to define some static methods or properties in the decorator. But in the current version there is a reference only to the instance but not to the class.

myDecrator(...args) {
   needMyClass.staticProperty = 'SomeValue';
   ^^^^^^^^^^^^ need reference to decorated class in this stage
  return myConsructor(instance) {
     instance.property = 'someValue'l
  }
}

While this is likely better suited for a separate proposal, I wanted to outline my early thoughts about accessibility modifiers, as a follow up to #24 (comment). If this seems generally viable, I may work this up into a full proposal.

The protected modifier

The protected modifier allows a subclass to access all of the private names of a superclass that were declared as part of a protected member.

Example

class Super {
  protected #x = 1;
  protected #y() { return this.#x; }
  constructor(x) { this.#x = x; }
}

class Sub extends Super {
  protected #y() {
    // overrides #y in Super
    return super.#y() + 1; // ok, since its the same #y
  }
  method() { return this.#y(); }
}

Suggested Semantics

• To implement protected in a fashion that aligns with other languages, private named methods would need to be installed on the prototype and member lookups would require a prototype walk, as this is needed to support super.
• Whenever a class extends a superclass, the private names of any protected method are added to the subclass instance.
• A subclass may "override" a protected member of a superclass.
• A subclass may not declare a new private member with the same name as a protected member of its superclass.

The abstract modifier

An abstract modifier could be applied to classes and both private and non-private methods.

Example

abstract class Super {
  protected abstract #x(a, b); // protected abstract
  abstract y(c); // public abstract
}

class Sub extends Super {
  protected #x(a, b) {   }
  y(c) { }
}

Suggested semantics

• An abstract class has a specialized [[Construct]] method that throws if the current new.target is a constructor for a class that is abstract.
• An abstract method must be declared in an abstract class.
• An abstract method may have a parameter list, but its parameters may not have initializers and may be neither binding patterns nor a rest argument.
• An abstract method may not have a body. When the method is defined during class declaration evaluation, it is given a body that throws a TypeError.
• An abstract method with a private name must also be declared protected.
• If a subclass is not abstract, but it directly extends an abstract superclass, it must provide an implementation for any abstract method.

The friend modifier

The friend modifier allows a class to indicate another class that can access its private and protected members. The befriended class can access those private names using a prefixed private name.

Example

class B {
  getX(obj) {
    return obj.A#x;
  }
  setX(obj, value) {
    obj.A#x = value;
  }
  callY(obj) {
    return obj.A#y();
  }
}

class A friend B {
  #x;
  protected #y() { return this.#x + 1; }
  constructor(x) { this.#x = x; }
}

Suggested semantics

• When declaring the friends of a class, the befriended class must already be declared and initialized.
• The prefixed-private name has the form: Identifier # Identifier. The lexical this of the caller is passed as a new argument to the private get operation and is used to check access.

Optional: The private modifier

The private modifier is only allowed on a private-named declaration and is optional. Generally it just exists to visually disambiguate between private and protected members.

In a meeting discussing decorators with potential implementers, @gsathya, @msaboff and @akroshg expressed some concern about the implementation complexity of adding a new PrivateName primitive. The current specification requires handling PrivateName in all sorts of contexts--this could be complexity which grows over time as the language evolves.

Is it possible to avoid exposing PrivateName directly, and instead use some kind of closures, but still get at the same kind of expressivity? Let's brainstorm API ideas.

These decorators may be useful for interfacing legacy code or browser event handlers in a way that is easier to read.

With ECMAScript 2017, much code is classes of async methods that is frequently called by code that is not class-oriented.

A case often discussed is bind to this, which today is used in the constructor with this.method = ::this.method

Another frequent case is for an event invocation to transition into an async method. Here, it would be of benefit if both this binding and an onReject function could be defined

today, ECMAScript 2017:

class {
  handler = e => (async () {
    …
  })().catch(this.errorHandler)

  errorHandler = e => console.error(this.e = e)
}

if that could instead be somehow like:

class {
  @catch(this.errorHandler)
  async handler::(e) {
    …
  }

  errorHandler::(e) {
    console.error(this.e = e)
  }

With the :: meaning this.method = this.method.bind(this)
Then those methods would not be anonymous and there would be less ugly characters to get wrong

I'm not sure if this is the best place to ask. Since I couldn't get a clear answer why other methods for declaring private fields where not considered in this thread tc39/proposal-class-fields#59
I would like to know if here somebody could clarify.

To sum up,
I read the FAQs and I get why the # chars was chosen. What I disagree with is the way private fields are declared.
In the discussion I mentioned the following example to be confusing:

class {
  $validField = 1
  _validField = 2
  #validField = 3 // This is private, but looks similar to the above
  method() {
    this.$validField
    this.#validField
  }

Here, there is nothing that makes the code self explanatory. $ and _ are still perfectly valid chars to define a variable.
What about:

class {
  $ = jQuery
  _ = lodash
  #$ = Other
}

I asked later in the thread, why isn't this syntax better?:

class {
  $validField = 0 // public
  _validField = 0 // public
  private #validField = 0 // code self explains it's a private var
  private #$validField = 0 // less confusing
  static private #_validField = 0

  method() {} // public
  $method() {} // public
  private #method() {} // private
  private #$method() {} // private
  static private #method() {} // private

  constructor () {
    this.#method() // they way of accessing doesn't change as proposed before
  }
}

Why?
Public fields are defined without the public keyword
Static fields are defined with the static keyword
Private fields are defined the same way public fields are with special chars _ and $ which makes it confusing and the code less self explanatory
By not using a keyword private, it may limit future proposals for other kinds of fields (protected, friend for instance. Would they need to come up with another unused character?)

Could somebody clarify if these points where taken into account? If so, does that mean defining vars beginning with _ and $ should be considered a bad practice in the future to avoid making the code not readable when working with private fields?

It has become a common practice (especially in the React community) to create bound methods using a property initialized to an arrow function:

class MyComponent extends Component {
    handleClick = (event) => {
        ...
    }
    ...
}

So at first I was surprised to see that the readme for this proposal has a @bound decorator as one of the examples, given that using an arrow function seems more straightforward. Then I found this:
tc39/proposal-class-fields#80

...and I remembered that I myself had previously encountered issues with inheritance when using arrow functions in this way.

I'm guessing that this is why a @bound decorator is used as an example - since it's a more consistently readable way to bind methods, and thus preferable to an arrow function.

In any case, it could be helpful to mention something about this in the readme, in case others also wonder, "Why not just use an arrow function"? I understand if this is a low-priority change, but thought it was worth suggesting.

extras semantics should be better defined. Right now it is possible to define the same property in extras that belong to different original properties. It is even possible to define the same property more than once in the same extras array. What is the protocol here?

While it may indicate a bug, if somebody did it inadvertently, I suspect that the use case for that can be third-party libraries, which intentionally decided to create a property with the same name. Examples:

• A decorator wants to provide a default implementation for a certain method, if it is not defined by a user or some other library. Or piggy-back on it.
• I want to override destroy() method in different decorators, so I can destroy/finalize objects created to fulfill decorators purpose (delete HTML elements, remove event listeners, flush streams, notify a server that I am done, and so on).

Ideally it would be nice to have a way to reconcile such duplicates with a callback, and provide a reasonable default for it. finisher() looks like the right place for that. For that it should receive dups as a parameter, so potentially it can make sense of it. The default action can be as simple as overwriting duplicate properties indiscriminately.

Just for completeness: if it is possible to add more properties, why it is not possible to remove some of them? The simplest example would be a meta-property, which is saved to guide other decorators, or reflection methods, yet should not be preserved on a property/instance/constructor.

When you see a declaration of class C { @decorator #x }, there is no way in the current proposal for @decorator to make #x to refer to a different private name. Sure, the decorator can output a different private name in the key property, but that doesn't actually rebind what #x points to.

If we could rebind the keys, then we could make more ergonomic friend decorators, and possibly more efficient protected decorators. Friend decorators could look like this:

let key = new FriendKey();

class FriendClass {
  @expose(key) #x;
}

class Accessing {
  @use(key) #x;
  method(friendInstance) { friendInstance.#x }
}

Without the ability to rebind, usage patterns would look more like explicitly calling a function to read the private field.

Rebind could be another kind of decorator. It would just rebind a syntactic private name like "#x" to a different Private Name primitive. If a decorator wants to also create a method or field with that name, it can do so with extras.

An alternative would be to allow decorators to return a different element descriptor with the private name changed to a different private name. The decorator specification could see that a different private name was used, and interpret this as an instruction to also rebind the syntactic private name.

If we go with this option, we may want to make decorators, in general, prohibit changing the key. That way, when the key does change, it's interpreted as rebinding.

The funny thing about this option is, it would end up giving a private field or method to the class which is accessing the friend field or method. I can't think of a case where we'd want this behavior.

Another alternative would be to provide a different binding construct within classes to rebind private names. For example, this could be

class Accessing {
  private #x = FriendKey.use("#x");
}

Such a binding construct could be available outside of classes as well, potentially.

Previous discussion: tc39/proposal-decorators-previous#22

OK to leave for v2?

there are still open issues in the previous repository that are still relevant, but the aren't particularly visibly from here. They should be "out of sight, out of mind"

I just spent 10 minutes trying to figure out what was going one when a followed a "see it on github" link for such an issue and it brought me here to a completely different issue.

Previous discussion: tc39/proposal-decorators-previous#41

It seems especially important to note the differences vs the Babel and TypeScript decorator implementations, especially on the decorator user side.

I wonder if it would be worthwhile to pursue a syntax extension for functions to allow for multiple-parameter lists:

function defineElement(tagName)({ kind, elements }) {
    assert(kind == "class");
    return {
      kind,
      elements,
      // This callback is called once the class is otherwise fully defined
      finisher(klass) {
        window.customElements.define(tagName, klass);
      }
    }
  }
}

Probably not now, but perhaps worth considering at a later date if there's enough of a use case.

We've discussed in committee the idea that coalescing of class elements exists so you use one decorator that applies to a getter/setter pair. Coalescing takes place at runtime, since computed property names may be in use, so in general we don't have this error until the class definition actually executes. However, sometimes it will be apparent already at static semantics time--we could create an early error when non-computed names or private names form a getter/setter pair where each one is separately decorated. Should we do that?

Sorry if this is perfectly clear in the spec, but consider this example:

class C {
  @decorated #x, #y;
}

Does the decorator also apply to #y or just #x?

Does anyone have an idea for a use case for manipulating the initializer for a field? I can't think of one. It seems like you usually want to leave it in place. Maybe you want to create an initializer for your own synthetic private field, but do you need to see the initializer for an existing one, e.g., wrap it in something?

I guess one use case is, in the @observed/@tracked decorator, you want to take the initializer and put it on the underlying private field, replacing the previous field with an accessor pair.

Thanks to @adamk for raising the question.

The grammar for decorators allows the following expressions:

@A
@a.b.c.d
@a.b(c)

but not:

@A(b).c
@A(b)(c)

This inconsistency with call and dot expressions seems odd.

Also, proposal does not define what it means to evaluate those decorator expressions, although that's pretty obvious by analogy to existing expressions.

This proposal can currently support a few different frequently requested features for private fields and methods.

For protected fields or methods, it's possible to create decorators such as the following (as @bakkot demonstrated).

class Superclass {
  @protected #x;
  @protected #y() { }
}
class Subclass extends Superclass {
  @inherit #x;
  @inherit #y;
  method() { use(#x); use(#y()); }
}

For friends, it's possible to expose these things into a designated object, though accessing them would be a bit more awkward. It looks more like a metaprogramming construct.

let friendKey = new FriendKey();

class FriendClass {
  @expose(friendKey) #x;
  @expose(friendKey) #y() { }
}

class OtherClass {
  method(friendInstance) {
    use(friendKey.get(friendInstance, "#x"));
    friendKey.set(friendInstance, "#x", value);
    friendKey.call(friendInstance, "#x", arg);
  }
}

These are sort of documented in METAPROGRAMMING.md but that document is a bit difficult to read, and not opinionated or focused enough. Document these options better.

Proposal: Allow undefined as a key for field decorators. The semantics would be to just execute the initializers for its side effect. (Another superficial alternative would be to make this a new element type, which doesn't have a key field.)

A couple reasons this comes up:

• For static: If lexical declarations are added to classes, I'd imagine they would execute code in a manner which is interspersed with static field declarations. A class decorator can see and manipulate static field declarations. Therefore, we need some reification of the execution of lexical declarations, if only to preserve the way that they are interspersed. In this proposal, each lexical declaration's initialization would be thunked and put into the class element list. (Note: this means that we'd want to make arguments an earlier error in lexical declarations.)
• For instances: Often a decorator will want to run code as part of instance construction, towards the beginning of construction. This would provide that. Counter-point: Some of the time, the code that you want to run is actually at the end of construction, and an "instance finisher" would be more appropriate. (I've come across cases where the "beginning" semantics seemed more appropriate, but I can't remember them at the moment.)

PrivateNames are presented as a new primitive type. They are significantly different from Symbols in that they are not property keys, e.g., they don't work in [] and don't go through Proxy traps. However, in other ways they are somewhat analogous, in that it's a value which is used to access something related to an object.

Would it make sense to make being 'private' a 'bit' on Symbol? Instead of making a brand new primitive type, it could be a kind of symbol which is not a property key.

Ultimately, this is a distinction about aesthetics; I don't think it will result in a significant change in implementation or semantics.

First of all, thanks for putting together this proposal!

This feedback is based on the behavior that I think the proposal has from reading over the markdown files in this repo. I'm not sure I'm fully understanding the behavior, so some of this feedback might be based on a misunderstanding of how things work -- please feel free to correct me if that's the case.

Based on this paragraph, it seems like decorators have access to create and read private names on a class. The justification for this, from what I can tell, is that it would be convenient to use decorators to avoid duplicating common operators for private fields (e.g. by deprecating a private field with @deprecated, or by using an @observed getter to update a model).

I think there are compelling reasons to disallow decorators from accessing private state:

1. It breaks the encapsulation provided by private state. In my opinion, the biggest advantage of private state is that it's very easy to reason about fields locally, and fields can be renamed or refactored out within a single class without fear of breaking anything. It should always be safe to use find/replace within a class to rename a private field, but if an external decorator function can perform operations on private fields, this will no longer be the case.
2. The proposed use cases for private field decorators are unconvincing to me.
   • It shouldn't be necessary to deprecate a private field with a @deprecated decorator -- since the field is private, one could safely remove it and replace all instances with something else. A developer could also find all usages of the field just by searching for #foo in the class.
   • Along similar lines, I'm not seeing the advantage of using an @observed getter on a field rather than a private method. Using getters with side-effects is typically considered an anti-pattern anyway.
3. It would be useful to identify invalid private field references with static analysis. This won't be possible if decorators can create private fields at runtime. (edit: this would still be possible, see #4 (comment))

Thanks to everyone who signed up to do a Stage 3 review of decorators for the March TC39 meeting. Filing bugs in this repository is a great way to give feedback.

If it would be useful for any of you, I'd be happy to schedule a call where we can go over the proposal as a small group and we can discuss issues that way. Just let me know.

If you have reviewed this proposal and want to sign off on it as is, please say so on this thread and I'll check the box.

• @erights
• @waldemarhorwat
• @bradleymeck
• @dherman

Editors:

• @ljharb
• @zenparsing

Previous discussion: tc39/proposal-decorators-previous#32

OK to leave as a follow-on proposal?

tldr; I want to split PrivateName into another proposal so its API can be worked on.

With the current proposal (at least as of the Sep. meeting), PrivateName has become has become extremely intertwined with decorators.

• The constructor only serves a purpose as a field decorator's key
• The get and set functionality is only exposed as parameters to the decorator call

I think this really hinders the potential meta-programming that could be done with a "secure weak map". Specifically, I'd really like to see an API that totally independent of decorators, and potentially for any Object (not just classes).

The API I imagine is a specialized WeakMap:

// I'm writing this as JS. Imagine it's really an API contract
class PrivateName extends WeakMap {
  constructor() {
    // PrivateNames are not directly constructible, requires special syntax to create
    throw new Error('PrivateNames are insecure when instantiated without syntax');
  }

  get(key) {
    if (!this.has(key)) {
      throw new Error(`PrivateName ${this.description} is not initialized on key`);
    }
    return super.get(key);
  }

  set(key, value) {
    if (!this.has(key)) {
      throw new Error(`PrivateName ${this.description} is not initialized on key`);
    }
    super.set(key, value);
  }

  // #add is absolutely necessary if we decouple PrivateNames from decorators.
  add(key, value) {
    // Note, this throws if slot has already be added to the key.
    if (this.has(key)) {
      throw new Error(`PrivateName ${this.description} already initialized on key`);
    }
    super.set(key, value);
  }

  // #has is specifically for meta programming. Much easier than wrapping a #get call in a try-catch,
  // which will be what everyone will be forced to do without it.
  has(key) {
    return super.has(key);
  }

  // I'm iffy on #delete. But if we have an #add, a #delete is probably the necessary inverse.
  delete(key) {
    super.delete(key);
  }
}

Ignore prototypes and constructors for the moment, I'll address them with secure-ness a bit later.

As I mention in the comment, #add is absolutely necessary if we want to decouple PrivateNames and decorators. If this is really just a specialized WeakMap, we need a way to add the object into the PrivateName. Decorators can later directly use this method when initializing the slot during class instance construction.

class Test {
  constructor(value) {
    privateX.add(this, value);
  }
}
new Test();

// I work with Objects, too.
const obj = {};
privateX.add(obj, 1);

function dec(desc) {
  desc.elements.push({ 
    kind: "field", 
    placement: "own", 
    key: privateX 
  });
  return desc;
}

@dec class Test {
  // Internally, the decorated field is using #add
  // constructor() {
  //   privateX.add(this);
  // }
}

From @littledan's comments to me, this might be a pain point for implementors, since it would basically be modifying the internal structure of the object. I'm hopeful that this can be optimized away when using decorators, so that they're like pure internal slots when declared in the decorator's elements. As for manual adding, I think this is a necessary cost so that we can have truly meta-programable private state.

As for #has and #delete, these are to round out the API. I can already imagine that if we don't have a #has, I'm going to wrap #get in a try-catch to get the same functionality. And #delete seems like the inverse of #add. I just don't have a specific use case for it yet.

Now, how do we address secure-ness, while still providing a decent object-oriented API? Specifically, how can we guarantee that PrivateName constructor is the real native, not some monkey patched class, and how do we ensure that #get, #set, etc aren't monkey patched either?

I think we can get around this by making the PrivateName property on the global object non-configurable/writable. If that's not acceptable, maybe disallow explicit construction in favor of an explicit syntax?

private privateX; // Invokes constructor
privateX.add(obj, value);

// While this throws
new PrivateName('test'); // cannot invoke directly

Then, #get, #set, etc are not prototype methods, but own-properties that are set to %PrivateGet%, %PrivateSet% internal functions.

I think this avoids issues with any monkey patching.

Should decorators be able to create, rename and remove private names which are visible to class bodies? For example, we could have a @guid class decorator, which creates a #guid private field, which is accessible within the class body. Or, an @inheritProtected decorator could let you see the protected fields and methods of a parent class, accessible with # syntax directly, even without any statements in the class body that bind the name.

So far, I've shied away from this possibility, and tried to keep the private name scope "static". For example, programmers can depend on the fact that, when you see a syntactic #x in a method or initializer body, you can tell which enclosing class defined it by just looking for all the private field and method declarations. A decorator may rebind the value to something else, but you won't get a #x out of nowhere that doesn't correspond to a declaration. More flexibility feels a bit like with to me.

However, this flexibility may be useful for programmers. @bterlson raised this issue with me; I'd be interested in more input here.

In METAPROGRAMMING.md

// Replace a method with a field with a bound version of the method
function bound(elementDescriptor) {
  let {kind, key, placement, descriptor} = elementDescriptor;
  assert(kind === "method");
  if (placement == "prototype") placement = "own";
  function initializer() { return descriptor.value.bind(this); }
  delete descriptor.value;
  return { kind: "field", key, placement, descriptor, initializer };
}

It seems these two lines

  function initializer() { return descriptor.value.bind(this); }
  delete descriptor.value;

are not correct which cause descriptor.value be undefined when initializer is called.

I guess it should be:

  const {value} = descriptor;
  function initializer() { return value.bind(this); }
  delete descriptor.value;

The current proposal uses a globally exposed prototype to explain PrivateName. This causes some leakage of private state by snooping using:

const old = PrivateName.prototype.set;
PrivateName.prototype.set = (o, v) => {
  log(o, v);
  return old.call(this, o, v);
}

This can be used a number of ways (implementing getter/setter functionality, spies, attack, etc.), but I believe invalidates the goals of private state.

This can be somewhat easily changed to not use a shared reference that JS can get to. I am open to any ways to accomplish this, but have an idea below.

1. Change placement to include "private". Privacy is different from "own" in that others cannot access it by reflection alone.

2. When creating a descriptor for private fields, change the type to be an AccessorDescriptor bye default, with an internal field to the private field. I think converting it to a DataDescriptor should also be fine while working on it.

descriptor = {
   #field: #foo
   configurable: true,
   get() {},
   set(v) {},
}

3. Private field creation does more than mutate existing declarations on the class. I would like to see it be possible, but will not want it breaking hard privacy. If it is needed, for now a WeakMap does work. For now, I would leave mutating the class by adding private fields. The alternative is to return the descriptor on creation like above instead of using the global prototype approach, which I think would seem ok but odd.

According to the meeting notes here there is a slide deck illustrating decorator use cases. Unfortunately, the link to the slides is broken. Are those slides published anywhere?

Hi,

At the bottom of the README, one can read "Arguments and function declarations cannot be decorated.".
Is there a reason why functions should not be decorated?
Coming from a Python development background, my (only) use-case for decorators is to wrap functions, allowing me to extract redundant logic, short-circuit and do other great meta-programming things.

I would expect to be able to write code like:

@myDecorator
function myFunc(args) { 
    // code 
}

and

@myDecorator
const myFunc = (args) => { 
    // code 
}

Edit Maybe a better way of writing lambdas with decorators:

const myFunc = @myDecorator (args) => { 
    // code 
}

Argument decoration seems like a great feature as well:

function myFunc(@myDecorator callback, otherArgs) { 
    // code 
}

Thank you!

I noticed that there's no clear way to replace a class with a function (or something else that's not the class itself), and it'd be very useful to a lot of consumers. It'd address the if (!(this instanceof Foo)) return new Foo(...args) ES5 idiom by providing a sufficient replacement, as initially proposed in the call constructor proposal, which itself was rejected in favor of a decorator-based solution.

This proposal removes finishers from methods and fields. However, finishers may be useful there in order to add runtime metadata to methods and fields.

Previous discussion: tc39/proposal-decorators-previous#14

The definition of coalescing syntactic getters and setters is a bit high-level:

Let elements be elements with getters and setters of the same key coalesced, with later declarations overriding earlier ones.

This should be formalized with an actual algorithm. The algorithm should be equivalent to the old ValidateAndApplyPropertyDescriptor sequence that is used for ordinary things in classes, or a subset of its behavior (i.e., syntax errors some of the time), but not a different interpretation of the same combination of declarations.

Users have requested this for certain decorators which may return a new class that uses the decorated class in some other way than extending from it. See this thread on Twitter.

The subclass check was never important to the semantics and just intended as an error correcting nicety for users; it would be very simple to remove.

TAXONOMY and METAPROGRAMMING define a structure to describe a decorated element:

{
  kind: "method" or "field"
  key: String, Symbol or Private Name,
  placement: "static", "prototype" or "own",
  descriptor: Property Descriptor (argument to Object.defineProperty),
}

It appears that kind is largely redundant: it can be derived from a property descriptor:

function getKind (prop) {
  return prop.get || prop.set || typeof prop.value == 'function' ? 'method' : 'field';
}

Granted that someone can define a field initialized with a function, but it is … a method for all intents and purposes, and probably should be treated as such.

"Class decorators are passed in an Array of all class elements". Why exactly? To check elements by names linearly? To have them unsorted by placement? It appears that if we re-use an existing structure we gain utility and simplicity. I am talking about a dictionary of property descriptors consumed directly by Object.defineProperties() and Object.create(). If a class decorator receives three objects corresponding their placement, and can modify them in place, it will simplify a lot of things. (Obviously a class decorator needs to know the base class as well.)

Example: verify that render() is defined, add a default implementation otherwise:

const ensureRender = (proto, stat, own) => {
  if (!proto.render && !own.render) {
    proto.render = {value: (() => {}), configurable: true, writable: true};
  }
};

The example above is trivial. The array version will be less readable and much slower.

Example: do-it-yourself class in a class decorator:

const doItYourself = (proto, stat, own, Base) => {
  // merge our custom code with initialization of own
  const Ctor = makeConstructor(proto.constructor, own, Base);
  // take care of the prototype
  Ctor.prototype = Object.create(Base.prototype, proto);
  // take care of static definitions
  Object.defineProperties(Ctor, stat);
  // ...
};

Again, all code above is a small collection one-liners. The only non-trivial part is to generate a constructor, which will call the base, initialize own properties, and call a user-defined custom constructing code. It should be done anyway is a part of this proposal.

The proposal mentions, but does not define, a class finisher. The code above could very well be a spec for the default finisher.

Example: go back to the original array of elements:

const getKind = prop => prop.get || prop.set ||
  typeof prop.value == 'function' ? 'method' : 'field';

const getKey = name => 
  typeof name == 'string' && name.charAt(0) === '#' ?
    decorators.PrivateName(name.substr(1)) : name;

const generateElement = (placement, props) => name => {
  const prop = props[name];
  return {placement, key: getKey(name), kind: getKind(prop), descriptor: prop};
};

// convert to the old structure in a class decorator
const converter = (proto, stat, own) => {
  const old = [
    ...Object.getOwnPropertyNames(proto).map(generateElement('prototype', proto)),
    ...Object.getOwnPropertySymbols(proto).map(generateElement('prototype', proto)),
    ...Object.getOwnPropertyNames(stat).map(generateElement('static', stat)),
    ...Object.getOwnPropertySymbols(stat).map(generateElement('static', stat)),
    ...Object.getOwnPropertyNames(own).map(generateElement('own', own)),
    ...Object.getOwnPropertySymbols(own).map(generateElement('own', own))
  ];
};

Isn't it simpler and more flexible this way than an array of elements?

From @rbuckton during the September meeting:

Private name API. Decorators on two different class members that add an "extra" with the same name. Collisions? Talk offline.

I don't understand the concern. What would the collision be? You'd
just have two classes with an extra with the same name, and code that
accesses one would be able to access the other. Could you explain what
the problem is?

I get that the decorator on function is hard to implement due to the hoisting so they are out. Actually let over lambda(closure) is the same thing as the class, so it is justifiable for us to want to have a mechanism to make decorator works on function.

The let keyword don't have a variable hoisting and the variable defined by let is mutable. So we could make let to take the responsibility.

Example

define functions as decorator

let logger = x => {
    console.log(x);
    return x;
};

let inc = x => x + 1;

use case

@logger
@inc
let a = 5;
let b = "blablabla";

transform into

let a = 5;
a = inc(a);                       // a: 5 -> 6
a = logger(a);                    // logs "6"
let b = "blablabla";

It will also works on function expression defined by let when the decorator is a hyper function.