On Monday, 1 September 2014 at 17:59:07 UTC, Dicebot wrote:
On Monday, 1 September 2014 at 17:48:59 UTC, monarch_dodra
wrote:
I feels like you are missing the point of the @trusted lambda
construct, in that is meant to be used in generic code, where
you know a *piece* of a function is provably safe (eg:
@trusted), but not all of it: The rest of the code depends on
the inferred attributes of the parameter-dependent code.
If your function is not generic, then just mark it as
@trusted, and then that's that.
I totally disagree. Marking whole function @trusted (unless
those are extern(C)) is an abomination we should try to get rid
of. Trusted lambda must encapsulate minimal amount of code
possible together with all data validation if
necessary.Anything else simply does not scale with maintenance
and is likely to introduce holes in @safe.
I meant it mostly in that the proposal to mark the entire
function as @trusted isn't even *applicable* to template
functions.
I agree with you.
