Transition to @safe by default
Mike Shah
mshah.475 at gmail.com
Tue Aug 13 20:24:17 UTC 2024
On Tuesday, 13 August 2024 at 15:44:45 UTC, Quirin Schroll wrote:
> Best one yet:
>
> extern(C) int f() @trusted("Implementation is marked @safe");
If I own the implementation, is this possible? Call to f() would
be ambiguous (See below example).
I think I get your sentiment though :) The 'reason' provided
could be totally bogus -- BUT it will at least stand out for
folks aiming for 100% @safe code.
Providing some mechanism to users to indicate if @trusted is
being used as a bridge between @safe and @system code (intended
use), or if @trusted is merely being used a temporary fix until
you refactor cycles later could be useful.
I suppose you could also add your own User Defined Attribute
(UDA) to indicate the state of the functions "safeness" as well
though (e.g. @trusted int f() @("safe_eventually");) -- but that
doesn't seem very robust.
---------------------------------------
1 import std.stdio;
2
3 extern(C) int f() @trusted;
4
5 @safe int f(){
6 return 42;
7 }
8
9 void main(){
10 f();
11 }
safe.d(10): Error: `safe.f` called with argument types `()`
matches both:
safe.d(3): `safe.f()`
and:
safe.d(5): `safe.f()`
Failed: ["/usr/bin/dmd", "-v", "-o-", "safe.d", "-I."]
---------------------------------------
More information about the dip.ideas
mailing list