On 2/9/2015 1:36 AM, Dicebot wrote:
string toUpper(string s) @safe { char[] r = new char[s.length]; foreach (i, c; s) r[i] = toUpper(c); return cast(string)r; // <== unsafe operation }Shouldn't that be `return assumeUnique(r)` instead?
assumeUnique does a little more than assume the argument is unique - it also casts it, which is not a necessary consequence of holding a unique reference. For the purpose of this article, I'd rather have the unsafe cast be explicit rather than a side effect.
What about requiring to put in-code comment that mentions condition verified safety relies on? (here - actual uniqueness of r)
Good idea.
Introducing the 'trusted' template to be put in std.conv: @trusted auto trusted(alias fun)() { return fun(); }Is this guaranteed to be inlined in frontend?
pragma(inline, true) is not available yet!
Shouldn't it better be called `system` to denote operation is not actually trusted?
Andrei had the idea that one could simply grep the code for 'trusted' and thereby flag the code (trusted and @trusted) that merits special attention. I agreed it was a good idea.
