On Sunday, 24 May 2020 at 08:55:32 UTC, Walter Bright wrote:
I infer your position is the idea that putting @trusted on the
declarations isn't greenwashing, while @safe is.
I can't see a practical difference between:
@safe extern (C) void whatevs(parameters);
@trusted extern (C) void whatevs(parameters);
Both require that whatevs() provide a safe interface. The
difference between them is in the implementation of those
functions, not the interface. Since the D compiler cannot see
those implementations, they are immaterial to the compiler and
user.
I've always understood that the @safe,@trusted,@system machinery
provides the following guarantee once all holes are fixed:
If I have a memory corruption in my code than I need to only look
at the @trusted and @system parts to find it.
Marking whatevs @safe violates this, marking it @trusted does not.
