@trust is an encapsulation method, not an escape
Zach the Mystic via Digitalmars-d
digitalmars-d at puremagic.com
Fri Feb 6 10:53:01 PST 2015
On Friday, 6 February 2015 at 17:12:40 UTC, David Nadlinger wrote:
> It seems obvious that explicitly whitelisting a small number of
> potentially dangerous but safe operations is much less
> error-prone approach than disabling compiler checks for
> everything and then having to remember to blacklist all
> unverified external dependencies.
>
> David
That seems obvious to me too. Isn't the whole purpose of having
'@trusted' in the first place to direct a programmer who's having
memory safety problems to the potential sources those problems?
But why have this and then stop at the function level? Why not
force the programmer to tag precisely those portions of his code
which cause him to tag his function @trusted to begin with? Why
help him get to the function, and then leave him hanging out to
dry once inside the function?
More information about the Digitalmars-d
mailing list