Transition to @safe by default
Richard (Rikki) Andrew Cattermole
richard at cattermole.co.nz
Mon Jul 29 17:39:22 UTC 2024
On 30/07/2024 4:40 AM, Walter Bright wrote:
> So I propose "safe by default" to mean, for unattributed functions:
>
> 1.
> do all safety checks /except/ checking for calling unattributed
> functions.
> 2.
> calling @system functions in unattributed functions will be flagged
> 3.
> calling unattributed functions will not affect attribute inference
After changing unattributed with ``@unkownsafety`` attribute, this reads
like it is acting as ``@safe`` with no extra steps.
BUT I think I know why!
It is the same diagnostic level!
In ``ErrorSink``:
```d
void memorySafety(Module m, TRUST safetyLevel, const ref Loc loc,
const(char)* format, ...);
```
It needs to be configurable.
``-msoff dmd.*``
``-mswarn dmd.*``
``-msinfo dmd.*``
By default it could be set to info or off.
Basically, if a function is marked as ``@system`` or ``@trusted`` you
don't do the ``@safe`` analysis. Otherwise for messages you call this
function and determines what level to print it as.
More information about the dip.ideas
mailing list