@trusted attribute should be replaced with @trusted blocks
Joseph Rushton Wakeling
joseph.wakeling at webdrake.net
Wed Jan 15 19:49:53 UTC 2020
On Wednesday, 15 January 2020 at 19:27:42 UTC, IGotD- wrote:
> On Wednesday, 15 January 2020 at 14:30:02 UTC, Ogi wrote:
>> Without @trusted the safety design will be much simpler to
>> grasp. Currently the are three vague keywords, complex rules
>> on which functions can call which and best practices on which
>> attribute you should choose.
>
> I also don't understand what's the point with @trusted. Should
> it only be used as a trampoline for safe code into the unknown
> or "some holds allowed" like something in between @system and
> @safe. I find this highly confusing. It's like x86 protection
> rings (ring 0 - 3) where rings 1 - 2 are seldom used.
>
> If you think about it @trusted is not necessary as you say that
> @trusted "must be manually verified", aka unsafe.
No. @trusted is about saying "This function should be safe to
use, but that safety has been designed by the developer rather
than being automatically verifiable by the compiler."
Contrast with @system which can be applied to functions that are
inherently not guaranteed to be safe -- e.g. where the safety (or
not) depends on what input the user provides.
More information about the Digitalmars-d
mailing list