Discussion Thread: DIP 1028--Make @safe the Default--Final Review
Timon Gehr
timon.gehr at gmx.ch
Sun Apr 5 20:40:16 UTC 2020
On 04.04.20 08:58, Walter Bright wrote:
> On 4/3/2020 2:42 PM, Joseph Rushton Wakeling wrote:
>> Now I'm not suggesting that D should do it because Rust does ;-) But
>> their reasoning seems sound, and I don't see an obvious reason for
>> assuming @safe-ty of functions that the D compiler cannot verify.
>
> In both Rust and D the reliance is on the programmer when calling
> functions in another language. D gives you the option to allow the
> programmer to treat them as safe if he wants to.
Which is fully unnecessary because @trusted fills that role perfectly fine.
The real D innovation that you appear to be arguing in favor of is that
D allows you to treat the function as @safe by accident, i.e., even if
you don't want to. :)
I don't understand your "elite C hacker" attitude towards this. If
(teams of) programmers never make mistakes, they don't need @safe.
(BTW: I am still getting new messages from up to two days ago. Not sure
what's up with that.)
More information about the Digitalmars-d
mailing list