Ok, I have a beef. I hate it when people say “well theoretically this should do X…” when that’s not what they really mean. Most of the time I hear it misused, the simplest replacements are either “ideally”, or “it should”, or “maybe”.

So what’s the distinction? I’m not a linguist, but I don’t think this sounds unreasonable:

  • Every user-facing function might santize its input. I don’t even know the stated proper behavior of the functions (maybe they were developed somewhere with different requirements on input-checking). I essentially know nothing.
  • Every user-facing function should sanitizes its input. I reasonably expect (but with no guarantees) that the stated proper behavior is to santize input, but I have no idea if all functions follow that behavior.
  • Every user-facing function ideally sanitizes its input. I am entirely positive that the proper behavior is to sanitize input, and the only instance of a failure would be due to programmer error.
  • Every user-facing function theoretically sanitizes its input. Either there is an immeasurably large number of functions forbidding me from testing them all, or an immeasurably large number of test cases per function. I know that the functions sanitize their input, and I haven’t been able to disprove it, but I don’t have a formal proof that all inputs and all functions are covered.

So, when someone says “theoretically”, I hope that’s a trustworthy statement. A communication breakdown like this (saying “theoretically” but meaning “maybe”) is likely to lead to testing headaches down the road, when it turns out that the functions weren’t right to begin with.

I suppose this is just another issue that unit tests solve.