On Monday, 25 May 2020 at 16:29:24 UTC, Atila Neves wrote:
On Sunday, 24 May 2020 at 16:44:01 UTC, Paul Backus wrote:
If we were designing a new language from scratch, I would
agree 100% with your reasoning.
The problem is that there are un-annotated declarations in
existing code that have already been reviewed, committed, and
published under the assumption of @system-by-default. Those
declarations need to be flagged for re-review in order to
avoid introducing silent safety violations to existing D
projects.
I share your concerns on this, but disagree on the likelihood
of reviews having gone by under the assumption of @system by
default. I doubt most people even thought about
@safe/@trusted/@system, and that's assuming anyone reviewed the
code in the first place.
A few years ago I submitted several PRs to Phobos to mark all
unittests that could with @safe explicitly. I'd say that was a
good example of nobody reviewing them for their @systemness.
Walter's claim was that "un-annotated declarations are easily
detectable in code review." The intent of my response was simply
to point out that for existing D code, the opportunity for such
review, and therefore for the detection of such declarations, is
already in the past.
In any case, your response does not change my conclusion: the
compiler must warn D programmers that their declarations need to
be reviewed for compatibility with @safe-by-default. Whether they
were reviewed before that or not makes no difference.
