Steven Schveighoffer wrote:
On Thu, 05 Nov 2009 14:57:48 -0500, Michel Fortin
<[email protected]> wrote:
On 2009-11-05 13:33:09 -0500, Walter Bright
<[email protected]> said:
Safety seems more and more to be a characteristic of a function,
rather than a module or command line switch. To that end, I propose
two new attributes:
@safe
@trusted
Looks like a good proposal.
That said, since most functions are probably going to be safe,
wouldn't it be better to remove @safe and replace it by its
counterpart: an @unsafe attribute? This would make things safe by
default, which is undoubtedly safer, and avoid the unnecessary clutter
of @safe annotations everywhere.
If unsafe means you cannot pass pointers to local variables, then half
of tango (and other performance oriented libs which use stack allocation
as much as possible) will fail to compile.
While I agree with your point, quick question: could you use ref
parameters instead? Ref will be usable in SafeD.
Andrei
