Transition to @safe by default
IchorDev
zxinsworld at gmail.com
Tue Jul 30 05:11:04 UTC 2024
On Monday, 29 July 2024 at 18:23:37 UTC, Richard (Rikki) Andrew
Cattermole wrote:
> https://gist.github.com/rikkimax/37cc5db5f381a9adc1dde6a9bbcad46d
I’m really liking this idea, I think this is very close to
something I’d be fine with. I do have one reservation though:
Even people who want all of their code to be `@safe` (which
includes myself) often need to use C libraries. Even if you check
whole libraries to mark functions as `@trusted`, there are
libraries like OpenGL which require using `__gshared` function
pointers.
Riki’s DIP appears to address this by (correct me if I’m wrong)
making it so that these external C functions, when unmarked, can
be called by unmarked D code. The issue is, unmarked code can be
upgraded to `@safe`. I think this upgrade process should not
happen if a function calls an unmarked function with no body. In
fact, I suggest we make body-less functions `@system` by default.
More information about the dip.ideas
mailing list