Andrei's list of barriers to D adoption

Jonathan M Davis via Digitalmars-d digitalmars-d at puremagic.com
Tue Jun 7 16:59:48 PDT 2016


On Tuesday, June 07, 2016 16:04:05 Walter Bright via Digitalmars-d wrote:
> On 6/7/2016 1:48 PM, Jonathan M Davis via Digitalmars-d wrote:
> > So, while mass applying something like @safe temporarily to check stuff
> > makes some sense, I really don't think that it's a good idea to do it in
> > any code that you'd ever commit.
>
> The downsides you listed do not apply to @safe.

Sure they do. Regardless of the attribute, if it can be inferred, and
templates are involved, you can't mass apply it, because because you almost
always need the attribute to be inferred. And regardless of whether an
attribute can be inferred, mass applying it tends to mean that it's harder
to figure out which attributes a function is actually marked with. It's
easier when it's just a label at the top of the file, but we've already had
PRs in Phobos where an attribute got applied locally as part the PR, because
the person doing the work did not realize that it was already in effect. And
personally, it always throws me off when attribute labels or blocks are
used, because it looks like the attribute is not being applied to a function
when it actually is. I don't think that it matters what the attribute is.
All of the same downsides apply. The primary difference with @safe over some
of the others is that you can reverse it, whereas you can't with most of
them. But even then, you can't tell a template to infer @safe when you've
marked the whole file with @safe, so while you can change which level of
trust you're applying to a function, you can remove the trust attributes
entirely once one of them has been applied.

Personally, I think that it's almost always a mistake to mass apply
attributes - especially those that can be inferred in templated code. It
does not play well with templates, and it causes maintenance problems.

- Jonathan M Davis



More information about the Digitalmars-d mailing list