Greenwashing: best practices
ag0aep6g
anonymous at example.com
Sat May 30 22:01:14 UTC 2020
On 30.05.20 23:31, Johannes T wrote:
> To force unchecked functions to compile, the corresponding declarations
> should be surrounded by @trusted { } block. The block suggests it was
> rubber-stamped without audit. It's also the path of least resistance for
> multiple functions. @trusted should only be added to a single
> declaration if it was verified.
I think it would be a mistake to try and distinguish `@trusted` from
`@trusted { ... }` that way. A UDA (.e.g `@audited`) would be a better
fit if you want to communicate that an audit has happened.
As far as I'm aware, there is generally no expectation of @trusted
extern functions having their implementations verified. First and
foremost, @trusted marks a safe interface [1]. Whether the
implementation is bug-free is secondary.
On a D function, @trusted is also just an "I think it's safe" comment by
the author. It doesn't indicate that the code was audited by anyone else.
[1] https://dlang.org/spec/function.html#safe-interfaces
More information about the Digitalmars-d
mailing list