On Thursday, 5 February 2015 at 20:13:32 UTC, Walter Bright wrote:
On 2/5/2015 11:49 AM, Andrei Alexandrescu wrote:
As much as I was shocked about the use of
@trusted/@safe/@system in std.file,
std.array and sadly possibly in other places, I found no
evidence that the
feature is misdesigned. I continue to consider it a simple,
sound, and very
effective method of building and interfacing robust code. An
excellent
engineering solution that offers a lot of power at a modest
cost.
I do not support this proposal to change the semantics of
@trusted/@safe/@system.
I agree.
So the question is, what does @trusted actually buy you, since
the compiler can't check it?
It serves as notice that "This function merits special
attention during code review to check that it has a safe
interface and that its implementation is correct."
Couldn't you just use a comment?
