Introducing Nullable Reference Types in C#. Is there hope for D, too?

Thu Nov 23 01:08:45 UTC 2017

On Wednesday, 22 November 2017 at 18:16:16 UTC, Wyatt wrote:
> "Need"?  Perhaps not.  But so far, I haven't seen any arguments 
> that refute the utility of mitigating patterns of human error.
>

Ok. that's a good point. But there is more than one way to 
address human error without having to further regulate human 
behaviour.

How about we change the way we think...for example.

I 'expect' bad people to try to do 'bad stuff' using my code. 
It's the first thing I think about when I start typing.

This perspectives alone, really changes the way I write code. 
It's not perfect, but it's alot better than if I didn't have that 
perspective. And all it required was to think differently. No 
language change, no further regulation.

So yeah, you can change the language.. or you can change the way 
people think about their code. When they think differently, their 
code will change accordingly.

My point about sophisticated IDE's and AI like compilers, is that 
they don't seem to have addressed the real issue - that is, 
changing the way people think about their code. If anything, 
they've introduced so many distractions and so much automation, 
that people are just not thinking about their code anymore. So 
now, language designers are being forced to step in and start 
regulating programmer behaviour. I don't like that approach.

You rarely hear anything about defensive programming these days, 
but it's more important now, than it ever was. I'd make it the 
number one priority for new developers. But you won't even find 
the concept being taught at our universities. They're too busy 
teaching students to program in Python ..hahha...the future is 
looking pretty bleak ;-(

Where are the 'Secure Coding Guidelines for Programming in D' 
(I'm not saying they don't exist. I'm just not aware of them).

What if I did a security audit on DMD or PHOBOS. What would I 
discover?

What if I did a security audit on all the D code at github. What 
would I discover?

Sophisticated IDE's and AI like compilers have not rescued us 
from this inherent flaw in programming. The flaw, is a human 
flaw. A flaw in the way we think.