@trusted attribute should be replaced with @trusted blocks

ag0aep6g anonymous at example.com
Wed Jan 15 23:46:11 UTC 2020

On Wednesday, 15 January 2020 at 23:16:21 UTC, Joseph Rushton 
Wakeling wrote:
> No, I'm saying that it is useful to have a clear distinction, 
> visible in the API declaration, between functions whose promise 
> of memory safety can be validated by the compiler, versus 
> functions whose promise of memory safety cannot be validated by 
> the compiler.

You're saying that it is useful for me as a user of Phobos when I 
see that, for example, std.stdio.File.open is @trusted [1], right?

I disagree. It doesn't mean anything other than @safe in that 
context. Knowing that the function is @trusted instead of @safe 
is of zero use to a user of Phobos. It cannot help them make any 
decision whatsoever.

> It's a practical distinction, because it gives the developer 
> clarity about which parts of a codebase need to be examined in 
> order to rule out the possibility of memory safety violations.

I.e., it's a tool for library authors, not for library users. You 
clearly spoke of an "external" or "outside" user of the function 

[1] https://dlang.org/phobos/std_stdio.html#.File.open

More information about the Digitalmars-d mailing list