@safe by default

Atila Neves atila.neves at gmail.com
Fri Jun 7 00:58:50 UTC 2024


On Thursday, 6 June 2024 at 17:01:05 UTC, Timon Gehr wrote:
> On 6/3/24 17:55, Atila Neves wrote:
>>> - There is not really any value in being able to write `@safe 
>>> extern(C)/extern(C++)` prototypes. It's wrong and any linter 
>>> would need to have a warning for it. I would just require an 
>>> explicit `@system` or `@trusted` annotation. Note that for 
>>> `extern(C)/extern(C++)` prototypes, `@safe` and `@trusted` 
>>> have _the same semantics and interpretation_, but only one of 
>>> them looks adequately dangerous and is easy to grep.
>> 
>> I get this, but the issue is that those functions might 
>> actually be written in D.
>
> Why is this an issue?

The compiler would have access to the body and so would verify 
its @safe-ness.


More information about the dip.ideas mailing list