vibe.d 0.8.0 and 0.7.31 beta releases
Kagamin via Digitalmars-d-announce
digitalmars-d-announce at puremagic.com
Wed Feb 8 02:30:06 PST 2017
On Friday, 3 February 2017 at 13:21:18 UTC, Sönke Ludwig wrote:
> Keeping the system overloads would break the safety guarantees
> at a relatively deep level and would render the whole effort
> rather useless (this is the case for non-scope callbacks only,
> so if you stumble over a deprecated function with a scope
> callback, then it should be fixed).
That's kind of intended: the system would inherit safety of the
code it calls. If the user code is not safe, there's no safety
guarantee.
> First, it actually has helped to detect some rather subtle
> issues in the past that have gone unnoticed for a long time
> otherwise.
Being @safe-compatible and provide @safe guarantees are different
issues. The latter follows from the former if user code is @safe
and doesn't follow otherwise.
> And, maybe more importantly, annotating code as safe is the
> only way to guarantee proper bounds checks, which is critical
> for a server component.
-boundscheck=on should do it, ldc provides even more control how
code is compiled.
> And finally, I feel that if nobody starts to embrace this on a
> broader level now, it will never reach a truly mature state.
Fake @trusted annotations don't count as adoption of safety.
Pedantically speaking @safe loses its purpose if @trusted code is
not verified. Especially if fake @trusted becomes a habit. That's
why safety can't be forced and is opt-in.
More information about the Digitalmars-d-announce
mailing list