@trust is an encapsulation method, not an escape
Zach the Mystic via Digitalmars-d
digitalmars-d at puremagic.com
Sat Feb 7 12:37:40 PST 2015
On Friday, 6 February 2015 at 23:21:50 UTC, weaselcat wrote:
> On Friday, 6 February 2015 at 23:02:54 UTC, Zach the Mystic
> wrote:
>
>> No, at least three of us, Steven, H.S. Teoh and myself have
>> confirmed that we've moved beyond requesting @trusted blocks.
>> We are no longer requesting them. We are requesting *@system*
>> blocks, which can only appear in @trusted and @system
>> functions. Any unsafe code appearing in a @trusted function
>> which is not inside a @system block is an error. We've changed
>> the name, but I think it will make a world of difference
>> regarding how you will look at it. Marking '@system' code
>> inside a @trusted function is exactly what is requested. Your
>> message about '@trusted' being only acceptable as an interface
>> has been heard. There will be no @trusted blocks, only @system
>> blocks, which are the exact same thing, except they can only
>> appear in @trusted and @system functions.
>>
>> This solution appeals to me greatly. It pinpoints precisely
>> where unsafe code can generate; it catches unintended safety
>> violations in all @trusted code outside @system blocks, as
>> requested by many people so far; it makes systems programming
>> highly visible, with redundancy at the function signature and
>> at the unsafe code itself. I really think it's spot on!
>
> this sounds interesting, is anyone going to make a DIP for it?
It was Teoh's idea. Maybe he should have the honors?
More information about the Digitalmars-d
mailing list