-preview=safer for D

Timon Gehr timon.gehr at gmx.ch
Sat Dec 14 15:25:47 UTC 2024


On 12/14/24 16:12, Timon Gehr wrote:
> On 12/14/24 09:46, Walter Bright wrote:
>> Now that this has been merged into master, what are your reactions?
> 
> ...
> 
> I will probably use the flag, but I have projects where a lot of my code 
> or, more importantly, code in its dependencies, is templated and/or 
> infers return types. `-preview=safer` will just not do all that much there.

Furthermore, with `-preview=safer`, there are now those combinations (MS 
= memory safe interface):

             | MS       | guaranteed MS | maybe not MS
------------+----------+---------------+-----------------------
checks      | ???      | @safe         | default safety
no checks   | @trusted | cannot exist  | @system


So another thing that is a bit non-orthogonal is that there is no way to 
have non-transitive safety checks enabled in a function whose memory 
safety cannot be established using compiler guarantees. I.e. you cannot 
have both `@trusted` and default safety checks.


More information about the Digitalmars-d mailing list