Add new default macro to declare read-write variables

[PGimenez]

@essenciary @hhaensel

Right now we have @in and @out to declare read-write and read-only variables. Many times I've declared an @out variable by mistake and then wondered why the UI component it was bound to wasn't working. I assume this could happen to other people as well.

I'd like to have a different macro that would declare read-write variables and is named something other than @in, to avoid having to think whether the variable is read-only/read-write. Something like @io, @bind, @state.

And now that I think about it, given its name, @inshould only take values from the browser to the backend and not the other way around. But this would be a breaking change for people's apps so let's not do that.

[essenciary]

The @in and @out are safety features. They protect against people exposing data unwillingly. So explicit exposing of data is a good safety feature. It's much better to limit data output and realize and fix it, than unwillingly expose your data onto the client. It's similar to how in programming languages functions are private by default. If you can't access it, change the visibility.

As such:

• the change of alias will no longer make it explicit that the data is exposed on the internet, making the users vulnerable to serious data leaks
• as this is a safety feature, it makes no sense to have just input, that would be an artificial limitation and would require yet another macro for input+output. It makes no sense to have a variable that takes input but can not output (again, the key point is protection against accidentally accepting data from the outside world)
• so far I haven't heard this issue from anybody else
• the @bind macro is already used and @io and @state are nowhere clearer (and much less explicit about what they're doing)

[essenciary]

What about a different solution, like better errors/debugging? Ex in dev, if we try to access a variable that is not exposed, show a message: "Looks like you might be attempting to update the x var. The variable is declared as @out and won't accept new values. Make sure to change it to @in if you want to change its value`.

[essenciary]

We could also add aliases as @input and @output - I think these would be clearer.

[essenciary]

I want to stress that this is software for building data apps, targeting users and enterprises with highly sensitive data. We must 1000% err on the side of safety.

[PGimenez]

Ok I see, I understand now why we need both in/out. I agree with showing better error messages, that'd completely solve this issue.