RFC: Change what assert does on error

[Jonathan M Davis]

On Friday, July 4, 2025 6:48:21 AM Mountain Daylight Time Richard (Rikki) Andrew Cattermole via Digitalmars-d wrote:
> Contracts are a good example of this, they are inherently recoverable
> because they are in a functions API, they are not internal unrecoverable
> situations!

Not really, no. The point of contracts is to find bugs in the calling code,
because the function has requirements about how it must be called, and it's
considered a bug if the function is called with arguments that do not meet
those requirements. The assertions are then compiled out in release mode,
because they're simply there to find bugs, not to be part of the function's
API.

On the other hand, if a function is designed to treat the arguments as user
input or is otherwise designed to defend itself against bad input rather
than treating bad arguments as a bug, then it should be using Exceptions and
not contracts. The fact that they're thrown is then essentially part of the
function's API, and they need to be left in in release builds.

By definition, assertions are only supposed to be used to catch bugs in a
program, not for defending against bad input. They're specifically there to
catch bugs rather than protect against bad input, whereas Exceptions are
left in permanently, because they're there to protect against bad user input
or problems in the environment which are not caused by bugs in the program.

- Jonathan M Davis