Rebooting the __metada/__mutable discussion
Timon Gehr
timon.gehr at gmx.ch
Sun Apr 10 14:52:43 UTC 2022
On 10.04.22 16:33, Bruce Carneal wrote:
> On Sunday, 10 April 2022 at 13:02:07 UTC, Zach Tollen wrote:
>> On Sunday, 10 April 2022 at 05:41:36 UTC, Bruce Carneal wrote:
>>> I view 1035 as a mechanism to extend the reach of @safe, to reduce
>>> the load on conscientious code reviewers.
>>
>> One aspect of DIP1035 I'm confused about in this regard is item (1) in
>> the [proposed
>> changes](https://github.com/dlang/DIPs/blob/72f41cffe68ff1f2d4c033b5728ef37e282461dd/DIPs/DIP1035.md#proposed-changes):
>> "An aggregate with at least one @system field is an unsafe type."
>>
>> This concerns me because it seems like it would extend the reach of
>> *@system*, rather than *@safe*. It seems like having one @system
>> variable would contaminate the whole structure so that you always had
>> to use @trusted just to do anything with it.
>>
>
> Yes, at what cost do we achieve additional (automated) safety? I have
> no 1035 improvements to offer, and support it as is, but I think that
> your concern here is on point.
>
>
Here, "unsafe type" has a very specific meaning that is actually
elaborated on by the DIP. Even unsafe types can typically be used from
@safe code just fine. I think this particular concern grew out of a
reading of the document that was overly cursory. This "contamination"
concern has nothing in the DIP to back it up.
More information about the Digitalmars-d
mailing list