Like operator #160
Like operator #160
Conversation
sauliusg
added
the
PR/ready-for-review
| If implemented, the "LIKE" operator MUST behave as the correspoding standard SQL operator. In particular, | ||
| The `x` string MUST be interpreted as a pattern where an underscore character ('_', ASCII DEC 95, HEX 5F) | ||
| matches any single character and a percent character ('%', ASCII DEC 37, HEX 25) matches an arbitrary | ||
| sequence of characters (including zero characters). |
There was a problem hiding this comment.
Shouldn't then we also explain how to escape these characters, and how to escape the escape character? (should be \ IIRC
There was a problem hiding this comment.
Good catch. MySQL specification says that to search for \ in LIKE one would have to write \\\\ (instead of \\, which is common way to escape the escaping sequences in C and the like). Which will we choose?
There was a problem hiding this comment.
Thanks @giovannipizzi & @merkys for spotting this deficiency; I'll look up the existing escape rules and suggest a version in the text.
I agree with @giovannipizzi that we can use single backslash to escape characters, but we need to think over all possible combinations. I'll propose a variant in a while.
|
They say that this is just because they first C-unescape the string, eg to accept |
|
Maybe it's still good to point this out to implementers though, as I'm sure this will be a common error (but anyway if you don't want SQL injection you should encode your string, is the user passes a quote in itts string....) |
|
Is the hope to get this in for v0.10? Because, after having mulled over this a bit since the meeting last Friday, I think this is something we may want to discuss a bit more before merging. (To me, the point with the several rushed PRs this week is to make sure the spec is in a sane state for a v0.10 release, i.e., internally consistent and preferably without having rough completely backwards-incompatible changes just around the corner--- not so much to get new features in last-minute. I'd be happy to see a release v0.11 with this feature in shortly after v0.10.) Now, about the content of this PR: OPTiMaDe filters are designed to be user friendly for our target audience of 'client' end users, right? Hence, even as someone who knows SQL quite well, I'm not super stoked on building in the SQL convention into OPTiMaDe:
So, my suggestion is for us to skip SQL
This seems somewhat user-friendly, and would be trivial to search-replace into a corresponding SQL LIKE operator for us with SQL backends. (But I'd be ok with any other sensible quoting scheme as well.) |
|
I see @rartino's point and I tend to agree that, if there is no agreement, it's better not to merge this in 0.10 yet. A note on the choice of escaping: I think this is not yet "perfect":
I think the only solution is to have a third character for escaping. I see that using backslash is counterintuitive because one has to escape the string again (indeed to encode |
|
@giovannipizzi are indeed correct about the quoting scheme not yet being perfect. (For anyone confused by the discussion about I have a different suggestion for quoting now: going forward, even with other functionality, I think it may be very useful if we can extend our string tokens to represent "literal characters" aside "normal characters" using a single backslash. It would require a change in the grammar, so We then need some carefully formulated text in the specification, where we say that for all regular uses of a string token, a literal character Then in a Note: this solution allows marking any character in an OPTiMaDe string as "literal" with the following exception: the characters We might want to think forward to make sure this allows embedding a reasonable regex format. I think it does. |
|
@rartino wrote:
I though about this in the beginning (Issue #87), and then I realised that this is a very bad idea. Essentially we put on our shoulders a burden of developing yet another wildcard language, with the explicit goal to be not similar to existing ones, and with no apparent gains. This is a large work; as @giovannipizzi has just pointed out it is very easy to get it wrong; it gives no clear benefit, and adds extra burden on every implementer (because now everyone will have to implement, test and support this notation), and on every OPTiMaDe user (since everyone will have to learn a new wildcard language). I think this is very inefficient and unnecessary, since we will hardly give in the new wildcard syntax any new essential features that one does not have in SQL patterns, globs or regexps. And then, what is the reason to be not similar to SQL, or any other pattern/regexp standard? One might object to it if it were a MUST feature and one would have to re-implement it in an SQL-unfriendly backend; but since it is supposed to be an optional feature, those backends that find it difficult to implement can simply skip it, and offer their versions of 'MATCH REGEXP' instead. I think sticking to a known standard, if that standard is well documented, has clear benefits: a/ one can find working and tested implementations; b/ the documentation is out there c/ many people will already know the syntax d/ those who learn it anew will be able to use it also in other contexts (thus will have more incentives to learn it) I therefore suggest the following strategy:
In such setting, which is very simple, and is actually implied in this PR, I think we could make it even into v0.10 :). Regards, |
|
@rartino wrote:
It could be done, but at the moment I think it is totally unnecessary. Filter language itself does not define or handle regular expressions, just strings; strings can encode arbitrary character sequences, including backslash with any characters; we just need to escape the backslash as a double backslash. Thus, an ERE matching arbitrary number of stars after the |
True
True, this is a logical consequence of the current grammar. Java does the same with regexps in strings, awk does it the same way, and I suspect Python has no other option but to behave the same.
I still need to double-check how SQL escapes |
Why should it? As said, if the people find it difficult to implement, they just skip it (the feature is supposed to be optional). Unless they feel bitter envious that SQL has better pattern matching than their beloved super-modern backend, there should be no problems :P. And then again, I suggest also introducing (again optional) match operator syntax that would be easy to implement in alternative, non-SQL backends. |
Why? At least currently, most of the OPTiMaDe consrtium members do know about at least something SQL :)
One can always learn :). One just search for "SQL LIKE", and in 5 mins one has the answer. Also, we will include a short description and a couple of examples into the OPTiMaDe spec (I'll update my PR with these features).
Ehhh... why should we disregard SQL? Actually, DuckDuckGo on the "wildcard" search gives SQL on the first page, slightly below Wicktionary's description, and the top-most link in my current search (https://www.computerhope.com/jargon/w/wildcard.htm) mentions SQL convention ('%') as well, along with the asterisk convention.
That is why I suggested (#87) also describing the Should we also include
Again, this would be an argument to include an optional What does MongoDB and/or CoachDB support, actually? These would be probably the most likely backends that some of us actually use. |
|
I'll get to the individual points, but I see an important philosophical difference here, so lets start with sorting that out:
When we agreed on the need for optional features in the filtering language, you were very concerned about the fragmentation in support for filters that this would lead to. My argument was that optional features actually helps avoid fragmentation, because instead of every provider inventing their own extension for feature X, we now say in the standard that "you don't have to support feature X, but if you do, this is how you do it." That way, all providers that support feature X do it the same way, and queries are at least universal across all databases that support that feature. However, to get this effect, we need to be conservative with adding several optional features that are overlapping, i.e. exactly what you propose to do here. If we do, we get back to the same fragmentation we were trying to avoid. Now all databases will support only their own favorite brand of partial text matching operators, and partial text matching queries are not going to be universal even across databases that support partial text matching. Clients will constantly have to rewrite their queries to fit the text matching capabilities of each database. This, to me, is a too high cost for everyone to get their favorite syntax in. So, I'm very much against supporting e.g. multiple regex flavors, and rather want us to standardize on a flavor that is translatable into the specific ones used by the backends. I realize I put more work on implementors here, but this is necessary to achieve the main goal of a universal api: to provide a common interface for access. Edit: While the discussion in this comment is formulated about regexs, it very much applies to the suggestion to provide both an SQL LIKE operator and a GLOB operator (and perhaps also other pattern operators). This means end users of OPTiMaDe would have to learn all the pattern languages to use OPTiMaDe against multiple databases. This does not scale well. |
|
On the specific points:
I'm with you if we are talking about full regex support, I don't think we want to invent a new flavor of regexes. But, if we talk about patterns with character wildcards, that is trivial apart from how to do escaping. And, unless I am mistaken, there is no SQL standard for that escaping. If we pick one, e.g. MySQL, we still have to do the same amount of work to make sure we embedd it in a way consistent with our string quoting mechanism. This isn't easier than starting from scratch; and for all intents and purposes, we are creating a new pattern language in the eyes of users, because the actual strings they need to input are different in, e.g., how many backslashes are needed. In fact, what is likely to happen with the SQL approach is that users wondering how to represent a literal % will find a stack overflow question about, e.g., postgree SQL, try that syntax with whatever number of backslashes they use, and then be confused over the exact same string behaving differently in OPTiMaDe.
Right, but the point in much of the design we do is for the filter language to be user friendly. I know from heavy amount of experience that no one appreciates this "backslash hell" where several quoting mechanisms are stacked to yield unreadable expressions. If we can support single backslash qouting, is it not nice to do so?
My point here was that it is only SQL that uses
We are all database providers. Who are you designing OPTiMaDe for? I'm having the PhD students at our department in mind who do various projects that would benefit from easy aggregating of data across databases. I think few of them know SQL. |
ACK. And so, one flavour of matches should include RE support; but we do not make it mandatory and do not want to exclude the use of simpler matching mechanisms, do we? The proposed solution, with 'LIKE', 'MATCH ERE', 'MATCH PCRE' would permit standard implementation of various levels of patterns.
I agree, we don't :)
I don't find it trivial; it's not just regexp search/replace, since we will need to deal with escaped characters and character ranges within [] brackets. I feel that a client will have to do a full pattern parsing, and then map it into the backend's patterns/regexps if we want to have specific OPTiMaDe pattern syntax.
I think there is; I would be very much surprised if it did not. I do not have the latest SQL standard at hand (costs 180$ with ISO :/), but open sources on the Web (https://modern-sql.com/standard, http://www.contrib.andrew.cmu.edu/~shadow/sql/sql1992.txt) specify that the syntax is
As said, SQL
I would say it is much easier than starting from scratch, we just take a (subset) of a standard implementation.
Not if we take an existing standard(s) and reference it/them.
We should not confuse defining the meaning of patterns, and defining the way how to encode patterns into strings. Currently the OPTiMaDe string definition allows encoding any character sequence (using escapes); so we have no problem here. If we think that too many backslashes in escaped strings are awkward to read (I agree with this), then we can think about how to improve OPTiMaDe string escaping; this is an issue independent from match-pattern semantics, IMHO.
I don't find this argument convincing. If people take Postgress SQL specific (non-standard) rules and try to apply to something else, be it OPTiMaDe, MySQL, MogoDB or what not, of course they will get nonsense, and here you can not help them in any way – except maybe by writing decent OPTiMaDe documentation (that specified how OPTiMaDe patterns work) and advising them to use '-stackoverflow' in their Google searches :P. |
SQL seems to be still the most widely used database query language. Its patterns, as I see now after some days of searching on the Web, are very well described and present in all searches. Disregarding this as "only SQL" does not seem wise to me. Nobody will be surprised at SQL pattern languages if they do a short search on the Web. Yes, there are essentially two match syntaxes – SQL LIKE and PCRE. All the rest is variations and subsets of these two. SQL seems to be a fairly large chunk of DB implementations; probably SQL Another is ERE/PCRE. Also fairly popular. That's why I suggest having possibility to use either or both of them in OPTiMaDe queries. |
This won't help. Web is full of other how-tos. If we refer to some other standard in our specification, then we have to follow it as closely as possible. It's the "SQL" in "SQLish" that may get the user searching the Web and trying first hits of SQL syntax how-tos. |
I agree, and this argument convinced me that optional features are not bad. They will be even better if supplemented by machine-readable descriptions of "feature sets" (see #91, second suggestion).
I agree if the features are completely overlapping, but here we have different features with different trade-offs between search power and implementation complexity.
This is not true. I propose three well-defined optional features, so that, as you say, "if you do [them], this is how you do it.". Implementers then can choose which ones to implement.
Not really.
NO! If compliant to OPTiMaDe, they will support the ones described in the spec.
With optional features you will have to adapt your queries to different implementation, no way around it as long as you introduce options. This could only be made somewhat easier if each OPTiMaDe endpoint advertises in a machine-readable form which optional features they support (the above-mentioned "feature sets:"). And then, you do not need to re-write constantly, there will be no constant changes once the specs are out, will there?
Its not about favourite syntax, its about easier implementation. We can not require all implementers say "look, we have invented our own matching semantics, no go and implement it in your backend".
At the moment I think that "translatable into the specific ones used by the backends" is too difficult to be reasonably implementable.
I think the burden you suggest for implementers is unacceptably high. In that case, we are probably better of with just what is in the specs right now, STARTS/ENDS/CONTAINS. Regexp filtering can then be done at the client side if needed... |
This would be a good reason to make |
The issue is not what is supported by programming languages, but across database backends, since it is your database that needs to be able to search efficiently for matches of the regex. |
Right. Just checked MariaDB (backend for COD) and Mongo, both seem to support PCRE2 (although COD would have to update MariaDB to v10.5.1 to have PCRE2 instead of PCRE). It seems to me that JSON Schema draft is a subset of PCRE2. |
Just the fact that one of the most active OPTIMADE participants would need to update their backend is perhaps itself an argument against, e.g., PCRE2. Nevertheless, also consider, e.g.:
etc., etc. (To be honest, I didn't explicitly check that none of the above doesn't happen to exactly be equal to PCRE2, just that they don't explicitly say so.) |
Makes sense. However I have to check to make sure JSON Schema regex is really a subset of the old PCRE that our backend currently uses. |
After a quick look at the JSON Schema REs, I have the question similar to that one we had with the LIKE operator strings: how do we escape special characters? E.e. what is the regular expression according the the JSON schema variety to match "(", ")", "|" and similar characters? Maybe I overlooked in the https://datatracker.ietf.org/doc/html/draft-bhutton-json-schema-01#name-keyword-independence document, but I could not found the escape methods there... |
|
@sauliusg, according to the regular expression examples given in https://json-schema.org/understanding-json-schema/reference/regular_expressions.html, special characters can be escaped using a double backslash. |
There was a problem hiding this comment.
Thanks for this PR @sauliusg, I definitely support the inclusion of such an operator once we've ironed the technicalities out. Sorry I didn't have a chance to look through this before the last meeting!
I can easily add this construct to the optimade-python-tools reference server if we want a live version to play around with (perhaps if COD has it too we can do some empirical tests on the regexp engines rather than just trusting the docs!)
My review below mostly focuses on wording/typos, though I do have some concerns about adding both LIKE and UNLIKE as separate optional features (based on my current reading of the spec).
| * `identfier LIKE x` | ||
|
|
||
| * `identfier UNLIKE x` |
There was a problem hiding this comment.
| * `identfier LIKE x` | |
| * `identfier UNLIKE x` | |
| * `identifier LIKE pattern`: Is true if the property matches the provided `pattern`. | |
| * `identifier UNLIKE x`: Is true if the property does not match the provided `pattern`. | |
Adds a bit of explanation matching the format for CONTAINS etc. above. I think pattern is clearer than x here, as x is used as a placeholder for the substrings above. Also fixes a typo in "identifier" - will also add a separate suggestion for this in isolation.
| @@ -1287,8 +1287,22 @@ In addition to the standard equality and inequality operators, matching of parti | |||
|
|
|||
| OPTIONAL features: | |||
|
|
|||
| The following comparison operators are OPTIONAL: | |||
|
|
|||
| * `identfier LIKE x` | |||
There was a problem hiding this comment.
| * `identfier LIKE x` | |
| * `identifier LIKE x` | |
|
|
||
| * `identfier LIKE x` | ||
|
|
||
| * `identfier UNLIKE x` |
There was a problem hiding this comment.
| * `identfier UNLIKE x` | |
| * `identifier UNLIKE x` | |
|
|
||
| * `identfier LIKE x` | ||
|
|
||
| * `identfier UNLIKE x` |
There was a problem hiding this comment.
Is there a strong preference for UNLIKE rather than just NOT(identifier LIKE pattern)? Is UNLIKE is an SQL construct that I have not come across?
I guess the precedent for this is our inclusion of KNOWN and UNKNOWN -- I just don't think I like having two ways of doing different optional things, e.g., an implementation could choose to implement only LIKE and therefore has to implement ~LIKE but can still choose to ignore UNLIKE. At least KNOWN/UNKNOWN are both mandatory. I guess we could add to the spec that if LIKE is implemented then UNLIKE must also be implemented.
There was a problem hiding this comment.
Is there a strong preference for
UNLIKErather than justNOT(identifier LIKE pattern)? IsUNLIKEis an SQL construct that I have not come across?
UNLIKE is shorter, which is significant for URL-embedded querries...
I guess the precedent for this is our inclusion of
KNOWNandUNKNOWN-- I just don't think I like having two ways of doing different optional things, e.g., an implementation could choose to implement onlyLIKEand therefore has to implement~LIKEbut can still choose to ignoreUNLIKE. At leastKNOWN/UNKNOWNare both mandatory. I guess we could add to the spec that ifLIKEis implemented thenUNLIKEmust also be implemented.
I would say that if LIKE is implemented, UNLIKE also MUST be implemented; i.e. x UNLIKE "%s%" and NOT(x LIKE "%s%" MUST be synonyms – can we decide on that? If the LIKE is implemented, then implementing UNLIKE does not require any extra effort.
| If implemented, the "LIKE" operator MUST behave as the correspoding standard SQL operator. In particular, | ||
| The `x` string MUST be interpreted as a pattern where an underscore character ('_', ASCII DEC 95, HEX 5F) | ||
| matches any single character and a percent character ('%', ASCII DEC 37, HEX 25) matches an arbitrary | ||
| sequence of characters (including zero characters). |
There was a problem hiding this comment.
| If implemented, the "LIKE" operator MUST behave as the correspoding standard SQL operator. In particular, | |
| The `x` string MUST be interpreted as a pattern where an underscore character ('_', ASCII DEC 95, HEX 5F) | |
| matches any single character and a percent character ('%', ASCII DEC 37, HEX 25) matches an arbitrary | |
| sequence of characters (including zero characters). | |
| If implemented, the `LIKE` operator MUST behave as the corresponding standard SQL operator. | |
| The `x` string MUST be interpreted as a string-matching pattern where an underscore character ('_', ASCII DEC 95, HEX 5F) matches any single character and a percent character ('%', ASCII DEC 37, HEX 25) matches an arbitrary sequence of characters (including zero characters). | |
Fix a few typos and enforces one line per sentence
There was a problem hiding this comment.
@sauliusg makes a good point about the escapes. The text in the json schema standard points to the syntax standardized in ECMA-262, section 21.2.1 which says the syntax is "modeled" after Perl 5. However, the json schema standard then says - on SHOULD level - that the expressions should be "limit[ed] [...] to the following regular expression tokens", which doesn't actually include any description of the escape token.
This is likely an oversight. In the ECMA standard it is handled in the grammar where an
Atomcan be\plus anAtomEscape, which is then further discussed in 21.2.2.8.1.
If we describe, as suggested, the RE syntax in the OPTIMADE independently, we can strengthen the requirements as we see it fit. This is a good opportunity to correct the oversight, if it really was.
|
@sauliusg makes a good point about the escapes. The text in the json schema standard points to the syntax standardized in ECMA-262, section 21.2.1 which says the syntax is "modeled" after Perl 5. However, the json schema standard then says - on SHOULD level - that the expressions should be "limit[ed] [...] to the following regular expression tokens", which doesn't actually include any description of the escape token. This is likely an oversight. In the ECMA standard it is handled in the grammar where an If we end up quoting this subset of ECMA into our standard (as we discussed above that we may want to do), we probably want to clarify this. Furthermore, @sauliusg did question whether the lazy wildcards was widely supported; so we may want to consider to also exclude those, making our subset even more stricter than the one described by json schema. |
Co-authored-by: Matthew Evans <7916000+ml-evs@users.noreply.github.com>
Thanks, @vaitkus for finding this document! AFAIR, this is the same "random page" that I tried to refer to during the last meeting, or at least it looks very similar :). Under these circumstances I have no more objections to include a subset of these regexps, or the subset of regexps listed in https://datatracker.ietf.org/doc/html/draft-bhutton-json-schema-01#name-regular-expressions, in OPTIMADE. The only point I'd like to stress rather strongly: I would not reference any JSON document as a source of the description. I would rather explicitly list the permissible regexps in the OPTIMADE standards; we can (and should) reference the rationale, where these definitions come from – PCRE, JSON Schema, JSON Schema draft, etc., but the definitive list should be in the OPTIMADE standard. All RE construct listed in the mentioned documents seem to be modeled after the PCRE, and PCRE is probably the most convenient form of REs, so I suggest we go for it. That would leave us with one 'string MATCH "re"' or 'string MATCH /re/' operator, RECOMMENDED, to implement RE matches. |
Yes, also from prior discussion above I think we are generally in agreement on that the rules need to be stated in our standard. However - this a technicality - it is relevant for us to say that what we end up with is not just based on/inspired by the PCRE regex subset in the JSON Schema draft, but is equal to, or a subset (whichever is true) of the JSON Schema draft standard. The reason is that this matters for the other place we want to invoke this regex standard, namely when specifying RE string validations in property definitions. Question: what should a server do if a client uses REGEX that are valid PCRE2 but NOT constrained as specified? Since we've concluded that the ECMA standard is based on Perl 5 (i.e., PCRE2 if I'm not mistaken) we may as well say that supporting the subset is a MUST, but full support of PCRE2 is allowed, and on MAY level?
Right, about that - the PR right now implements them as "/"-delimited. I was initially surprised by that decision, but realized I had no reason to oppose it. Does anyone see things differently? |
So, to make things converge – is there a consensus, or at least not a strong opposition, to the following OPTIONAL features:
Shall we go for it? |
You are right, I start forgetting what is in the PR :). The |
If we do so, OPTIMADE RE will have to stay a subset of PCRE2 at least until the next major release. I am not against it, just stating that all additions/changes will have to be PCRE2 compatible. In addition, PCRE2 standard has life of its own, so if we tie OPTIMADE RE to PCRE2, we have to tie to some specific version. |
|
I suggest to skip
Doesn't the grammar change in the PR already do this with "/"? |
Using |
This is all true. And, arguably (but I suspect this will be argued...) our reference should be ECMA-262 v11 just like JSON Schema rather than a specific version of the PCRE2 library. Nevertheless, I feels strange about forcing those with full PRCE2 implementations in their backends to put in the extra work to lock away useful features. I suspect people will be reluctant to do that in practice. We could say (not saying it is a good idea) something along the lines of: "For non-compliant REGEXs servers MAY behave in any undefined way, including serving matches according to the PCRE2 standard (or any other standard). Non-compliant REGEXs SHOULD trigger a warning. Servers are free to document their behavior for non-compliant REGEXs." Such a statement does work against general compatibility, but will make implementing MATCH for various underlying REGEX standards a lot easier. Also for those backends where one need to translate REGEXs it would be nice to only have to worry about what the translator is doing for compliant REGEXs. |
I think the fact that the RE slash follows the |
I agree. Clients could use extensions at their own risk. |
Yes it does; I forgot it (had to review the PR again ;) |
Indeed. I suppose our LALR parsers will be able to handle that. |
Agreed. So we are converging on:
|
This is an excellent point. This is why we have to use |
|
To test for the possible grammar conflicts with putative diff --git a/optimade.md b/optimade.md
index 030be71..a364197 100644
--- a/optimade.md
+++ b/optimade.md
@@ -2164,7 +2164,7 @@ Filter = [Spaces], Expression ;
Constant = String | Number ;
-Value = String | Number | Property ;
+Value = String | Number | Property | Number, '/', Number ;
(* Note: support for Property in Value is OPTIONAL *)
ValueList = [ Operator ], Value, { Comma, [ Operator ], Value } ;
With it, every grammar test fails with the following output: Thus I assume |
This strikes me as strange, and may be a consequence on the details of how edit Actually, looking at your error message, isn't that just because it is impossible to distinguish |
This sounds strange to me as well, since I thing we tried things similar to REs, I guess. I wold like to look closer into the grammar and see if we can transform it in such a way that the language stays the same (with REs) and the ambiguity goes away. |
Offering implementation of the "LIKE", "NOT LIKE" and "UNLIKE" string matching operators in the Filter grammar, and briefly describing their semantics.
Alternatively, offering implementation of the "MATCH /regexp/" operator.