Discussion Thread: DIP 1028--Make @safe the Default--Final Review

[Steven Schveighoffer]

On 4/5/20 9:28 PM, Jonathan M Davis wrote:
[snip]

I'm not disagreeing with any of this. Technically, @safe doesn't make 
sense on a C prototype.

But practically, preventing it doesn't buy us anything important. If you 
have a @safe extern(C) function (implemented in D), and it switches to 
@system, searching for @trusted to find its prototypes isn't the way to 
do it, you search for the function name. And technically, the @safe 
marking is correct, if the function is being checked.

There are a lot of rules in D which are technically sound, but result in 
pain and suffering in actual usage.

e.g:

static if(someBool)
    return x;
return y; // error statement not reachable

inout int[] arr;
writeln(arr); // OK
writeln(arr.filter!(a => a %5 == 0)); // Error: only parameters or stack 
based variables can be inout

I don't want to add to this list.

-Steve