Do we really need @unsafe?
Bill Baxter
wbaxter at gmail.com
Tue Nov 10 17:01:57 PST 2009
On Tue, Nov 10, 2009 at 3:56 PM, Walter Bright
<newshound1 at digitalmars.com> wrote:
> @unsafe was suggested (I think by Don) to provide symmetry with @safe and
> @trusted. This is a good point, but I'm starting to think that @unsafe is
> not a good idea.
>
> For example, one could make an entire module safe with:
>
> -------------------
> module foo;
> @safe:
> [...]
> -------------------
>
> And an observer could conclude that foo only contains safe and trusted code.
> But if @unsafe could override, he has to delve into it looking for @unsafe
> as well.
I don't assume that a class is entirely private when I see private: at the top.
Incremental search and grep are not difficult to use if you're trying
to find out if a module contains anything @unsafe.
> Furthermore, why would a safe module wish to expose unsafe functions?
> Shouldn't the programmer instead be obliged to produce trusted functions in
> it?
Private implementation might be using unsafe functions as part of the
implementation of trusted functions.
--bb
More information about the Digitalmars-d
mailing list