I was referring to a hypothetical "untrusted" block that might be used something like this:--- void foo(Range)(Range r) @trusted { // ...untrusted { r.front; } // Your manually checked code. untrusted { r.popFront; } // … } ---
Using current semantics we must not mark foo @trusted, if r.front and r.popFront aren't. Using the proposed @safe-blocks (are those untrusted blocks the same?) we could guarantee that, by wrapping the use of r.front and r.popFront in @safe-blocks.
This is limiting because now we cannot provide an foo marked @system for all @system ranges without boiler plate or duplicating the function.
Correct?
