Simplification of @trusted
IGotD-
nise at nise.com
Wed Jun 16 17:59:19 UTC 2021
On Wednesday, 16 June 2021 at 17:36:46 UTC, Alexandru Ermicioi
wrote:
>
> Yet, it forces to make entire function trusted if lambdas are
> not used, and safe guarantees are lost to remainder of the code
> due to that.
>
> +1 for moving safety qualifiers to code blocks instead of
> functions.
>
> Alex.
I have a better idea, throw it all out. What is @safe? It's a
limitation of operations you can do in D that might cause memory
corruption, like pointer casts and such. Wouldn't be enough that
the programmer self know about this and do not use those
potentially harmful operations? That would be enough according to
me but let's say that the programmer doesn't remember what is
unsafe/safe. Then a compiler switch that gives a warning would be
enough, at least for me.
I couldn't care less about this safe/unsafe and it just gets in
the way. It is also clear that despite you want to automate safe
code verification, you are unable to do so and the responsibility
falls to the programmer anyway. That you are unable to solve how
FFI should act (remember the famous DIP 1028) is also a reminder
of that.
More information about the Digitalmars-d
mailing list