@safe question
H. S. Teoh
hsteoh at quickfur.ath.cx
Wed Jan 12 00:45:23 UTC 2022
On Wed, Jan 12, 2022 at 12:24:14AM +0000, forkit via Digitalmars-d-learn wrote:
> On Tuesday, 11 January 2022 at 21:50:00 UTC, Paul Backus wrote:
> > ..
> > If you know a particular bit of code is memory safe, but the compiler
> > can't prove it, you can mark that code as @trusted. For example:
> >
> > () @trusted { pointers ~= &str; )();
> >
> > This example uses an immediately-invoked function literal [1] (also
> > known as a "lambda") to apply the @trusted attribute to a single
> > statement.
> > ...
>
> Thanks again. Really useful information.
>
> The more I use D, the more I feel that I'm falling into a deep, deep,
> deep....rabbit hole.
IMNSHO, that @trusted lambda thing is an anti-pattern that should be
avoided, needless to say already promoted. It's papering over a problem
that ought to be fixed instead of being pushed under the rug.
If it takes -dip1000 to compile the OP's code, then I say, by all means,
use -dip1000. It's not *that* hard to add a compile switch to your
build. I know dip1000 isn't quite there yet, but how is it supposed to
"get there" if everyone is avoiding to use it? We should rather be
pushing more people to use it so that more flaws are discovered and
fixed, rather than avoiding it and letting it languish, and 5 years
later the same old flaws continue to sit unfixed.
T
--
People walk. Computers run.
More information about the Digitalmars-d-learn
mailing list