@safe by default
Atila Neves
atila.neves at gmail.com
Mon Jun 3 15:55:00 UTC 2024
On Saturday, 1 June 2024 at 21:06:05 UTC, Timon Gehr wrote:
> On 5/30/24 20:35, Atila Neves wrote:
>> https://github.com/atilaneves/DIPs/blob/safe-by-default/safe-by-default.md
>>
>> Destroy!
>
> - I think even more important than the default is the ability
> to change the default (e.g. `default(@safe):`). This does not
> exist currently, but it would be required for easy migration.
That's a good point, but: do we only do it for this attribute or
for the others as well?
> - There is not really any value in being able to write `@safe
> extern(C)/extern(C++)` prototypes. It's wrong and any linter
> would need to have a warning for it. I would just require an
> explicit `@system` or `@trusted` annotation. Note that for
> `extern(C)/extern(C++)` prototypes, `@safe` and `@trusted` have
> _the same semantics and interpretation_, but only one of them
> looks adequately dangerous and is easy to grep.
I get this, but the issue is that those functions might actually
be written in D.
> - The DIP should clarify whether annotations like `@safe:`
> apply to prototypes or whether prototypes always need an
> individual annotation.
Added.
More information about the dip.ideas
mailing list