Discussion Thread: DIP 1028--Make @safe the Default--Final Review

Thu Mar 26 19:30:16 UTC 2020

On 3/26/20 2:56 PM, Arine wrote:
> On Thursday, 26 March 2020 at 15:02:15 UTC, Steven Schveighoffer wrote:
>> Writing
>>
>> @system:
>>
>> At the top of your modules is not a big burden. If that drives you 
>> away from the language, then I'm sorry to say that you are missing out 
>> on the awesomeness of D, but I can't really help you.
> 
> I can, just write
> 
> @trusted:

This isn't a good idea. But yeah, you can do that at your own peril (and 
anyone who uses your library). I'd highly recommend using @system: instead.

> 
> This will be my goto solution as D lacks the means many other languages 
> have to maintain compatibility.

The means are: use the correct markings. @system works now, and will 
after this change.

>> How many people were driven away from windows development because they 
>> had to deal with __stdcall? You just googled for it (or whatever the 
>> hell was available at the time), said "oh this is how you do it", and 
>> did it. It wasn't a problem, you just did it.
> 
> You don't need to do that anymore, they changed it (for the better). It 
> probably did drive people away. Especially when you deal with small 
> issues consistently. They start piling up, and you can only deal with so 
> many tiny issues (which D has many of; and will only grow with all the 
> new changes coming forward).

Meh, you just do it. Saying "why do I have to write @system when I don't 
care about safety" is like saying "why do I have to write void when I 
have no return value". Just do it, and your code works. For those who 
don't care.

> 
>> This is only even a discussion because of the current situation. If D 
>> started out this way, you would have no idea there was even a problem 
>> here.
> 
> Right, because people don't want to have to keep updating their code or 
> have it be broken. Other languages ensure backwards compatibility, and 
> if they don't they provide a way to keep the code working without having 
> to modify the code to work.

I think the intention is to have an automated tool to mark things that 
are currently @system as @system explicitly. I would expect that feature 
in dfix, before this would become the default.

You are free to use other languages if you feel that way. IMO this 
change is for the better, and provides a much healthier default. Without 
it, most code is @safe-but-not-marked as that is the default. The new 
default will allow more usage of @safe.

> D's solution to the problem: "this is the best practice now". That 
> doesn't stop already written code from being broken.

Or again, switch to a "sensible" language like Rust or C# or C++. Don't 
pick Swift though, they change stuff all the time, it probably is going 
to die soon, I doubt anyone will put up with that.

-Steve