On Sunday, 24 May 2020 at 03:28:25 UTC, Walter Bright wrote:
I'd like to emphasize:
1. It is not possible for the compiler to check any
declarations where the implementation is not available. Not in
D, not in any language. Declaring a declaration safe does not
make it safe.
2. If un-annotated declarations cause a compile time error, it
is highly likely the programmer will resort to "greenwashing" -
just slapping @safe on it. I've greenwashed code. Atila has.
Bruce Eckel has. We've all done it. Sometimes even for good
reasons.
3. Un-annotated declarations are easily detectable in a code
review.
4. Greenwashing is not easily detectable in a code review.
5. Greenwashing doesn't fix anything. The code is not safer.
It's an illusion, not a guarantee.
6. If someone cares to annotate declarations, it means he has
at least thought about it, because he doesn't need to. Hence
it's more likely to be correct than when greenwashed.
7. D should *not* make it worthwhile for people to greenwash
code.
It is, in a not-at-all obvious way, safer for C declarations to
default to being safe.
Apparently, you're of the opinion it's better the compiler does
the greenwashing. Got it!
