@safe by default
Mathias Lang
geod24 at gmail.com
Thu Jun 6 23:56:20 UTC 2024
On Thursday, 30 May 2024 at 18:35:36 UTC, Atila Neves wrote:
> https://github.com/atilaneves/DIPs/blob/safe-by-default/safe-by-default.md
>
> Destroy!
I think it should eventually happen, but we are not ready for it.
The real problem is that it is currently hard to compose with
attributes. The problem is most evident with `@safe`, but happens
with `nothrow`, `pure`, etc...
Until we solve this problem, `@safe`-by-default would just be
trading one pain for another, and breaking the ecosystem in the
process. We saw what happened with DIP1000...
Provided the issue with composition of attribute is fixed, I
would make a suggestion to the DIP: Remove `@safe` entirely.
Others have hinted at it, and it seems the solution is simple:
Un-annotated definitions are `@safe`, definitions can be
annotated to be `@system` or `@trusted`, and `extern` definitions
MUST be annotated. It is also changing the perception - `@safe`
is not an add-on anymore.
More information about the dip.ideas
mailing list