Shouldn't safety be the default.
Hors
q at q.com
Tue Dec 26 13:18:43 UTC 2023
On Tuesday, 26 December 2023 at 12:39:46 UTC, bachmeier wrote:
> On Tuesday, 26 December 2023 at 12:00:13 UTC, Sebastiaan Koppe
> wrote:
>
>> I very much hope it does. It is a lot more economical.
>>
>> 9 out of 10 projects only need the features you mentioned
>> sparingly. It is less effort to mark those place `@trusted`
>> than the situation we are in now, where you need to sprinkle
>> `@safe` almost everywhere.
>>
>> Another way to look at is that the features you mentioned are
>> almost always used exclusively in low level code that best
>> sits behind an abstraction. If trusted is the default you need
>> to mark anything using it `@safe`, but if safe is the default
>> you only need to mark a few reusable low level pieces of code
>> `@trusted`.
>
> The earlier proposal would have killed D. I no longer recall
> the details but it would have been miserable to interoperate
> with C code under that proposal. And without C
> interoperability, D is dead.
>
> All that's needed is a compiler switch rather than breaking
> everyone's code. Or an easy way to shut it off. Neither of
> those were on the table.
Makes sense, instead of a breaking change. We can use another
file extension for Safe DLang *.safeD, or [insert your idea
here]. That file extension is just D but @safe is default, then
it's no longer a breaking change as normal *.d codes still work.
More information about the Digitalmars-d
mailing list