When in doubt, trust Hyrum over Postel
Hyrum's law, also known as "The Law of Implicit Dependencies," states that "with a sufficient number of users of an API, it does not matter what you promise in the contract: all observable behaviors of your system will be depended on by somebody." In other words, users of an API will inevitably rely on behaviors that are not explicitly documented or guaranteed by the API contract. This is because as the number of users increases, the range of ways in which they use the API will also increase, leading to unexpected dependencies.
On the other hand, Postel's law, also known as the "Robustness Principle," states that "be conservative in what you do, be liberal in what you accept from others." This means that when designing a system, you should be strict in what you send out and lenient in what you accept from others. This principle is especially important in network communication, where different systems may have varying levels of strictness in adhering to standards.
The contradiction between these two principles arises when applying them in practice. Hyrum's law suggests that as a developer, you cannot predict all the ways in which your API will be used, and therefore cannot guarantee certain behaviors. However, Postel's law suggests that you should be lenient in what you accept from others, even if it goes beyond what you explicitly promised in the contract. These two principles can lead to conflicts, where one user relies on a behavior that was not guaranteed by the API contract, and another user relies on the opposite behavior, leading to unexpected results.
Why trust Hyrum?
It's easier to under-promise and over-deliver when needed, than to over-promise and reset expectations later.