On Thursday, 5 February 2015 at 19:49:41 UTC, Andrei Alexandrescu
wrote:
On 2/5/15 11:17 AM, H. S. Teoh via Digitalmars-d wrote:
In short, my proposal is:
Tainted variables are an interesting topic, but quite distinct
from the notion of separating safe code from unsafe code.
As much as I was shocked about the use of
@trusted/@safe/@system in std.file, std.array and sadly
possibly in other places, I found no evidence that the feature
is misdesigned. I continue to consider it a simple, sound, and
very effective method of building and interfacing robust code.
An excellent engineering solution that offers a lot of power at
a modest cost.
I do not support this proposal to change the semantics of
@trusted/@safe/@system. A separate tainted data proposal might
be of interest for loosely related topics.
Probbaly you and Walter should try maintaining Phobos for next
year alone then and see how it works. Maybe that will make some
issues more convincing.
This is absolutely ridiculous that every single one of existing
Phobos reviewers who actually worked with that code in practice
says that there is a problem with @trusted and you keep rejecting
it with "no, it is all good as it is" argument.
For me this thread was clear alarm : @safe in its current state
is a 100% misfeature and is better to be advertised against until
either its design changes or effective idioms are presented.
