Shouldn't safety be the default.
Paulo Pinto
pjmlp at progtools.org
Tue Dec 26 19:32:56 UTC 2023
On Tuesday, 26 December 2023 at 15:35:55 UTC, Lance Bachmeier
wrote:
> On Tuesday, 26 December 2023 at 14:46:45 UTC, Paulo Pinto wrote:
>> On Tuesday, 26 December 2023 at 12:39:46 UTC, bachmeier wrote:
>>> On Tuesday, 26 December 2023 at 12:00:13 UTC, Sebastiaan
>>> Koppe wrote:
>>>
>>>> [...]
>>>
>>> The earlier proposal would have killed D. I no longer recall
>>> the details but it would have been miserable to interoperate
>>> with C code under that proposal. And without C
>>> interoperability, D is dead.
>>>
>>> All that's needed is a compiler switch rather than breaking
>>> everyone's code. Or an easy way to shut it off. Neither of
>>> those were on the table.
>>
>> Rust, Go, Swift, C# are doing just fine with the requirement
>> that C interop must be explicitly marked as unsafe.
>
> Aside from the massive amounts of money those languages had to
> start with, the primary use case of Go, Swift, and C# was not
> working with C, and Rust was explicitly written for someone
> wanting safe at all costs.
>
Cgo has been part of Go since the early days, Swift has been
designed with interoperability with Objective-C (a C superset),
and C++ has been supported in .NET since version 1.0 (yet another
C superset).
> D's primary selling point for many is interoperability with C
> and otherwise writing unsafe code. Not only would this break
> almost all of my existing code for no benefit, it would break
> any package I want to work with that uses unsafe code (anything
> on code.dlang.org that does anything with a pointer), so then
> I'm having to maintain my own fork of those packages. All the
> documentation and tutorials with even one line of unsafe code
> are suddenly broken.
How is that selling point going on since Andrei's book has been
published, in terms of D market share versus all newcomers?
>
> If D had been safe by default, this would not have been a big
> issue, even for those of us that don't care about safe by
> default. But to force this on us *entirely because you don't
> want to add a -safe switch to the compiler* is completely
> unreasonable. (The compiler switch was off the table, but the
> way you tested out the earlier DIP was by *using a compiler
> switch*.)
On which forum post am I advocating against -safe switch?
More information about the Digitalmars-d
mailing list