On Tuesday, June 07, 2016 16:04:05 Walter Bright via Digitalmars-d wrote: > On 6/7/2016 1:48 PM, Jonathan M Davis via Digitalmars-d wrote: > > So, while mass applying something like @safe temporarily to check stuff > > makes some sense, I really don't think that it's a good idea to do it in > > any code that you'd ever commit. > > The downsides you listed do not apply to @safe.
Sure they do. Regardless of the attribute, if it can be inferred, and templates are involved, you can't mass apply it, because because you almost always need the attribute to be inferred. And regardless of whether an attribute can be inferred, mass applying it tends to mean that it's harder to figure out which attributes a function is actually marked with. It's easier when it's just a label at the top of the file, but we've already had PRs in Phobos where an attribute got applied locally as part the PR, because the person doing the work did not realize that it was already in effect. And personally, it always throws me off when attribute labels or blocks are used, because it looks like the attribute is not being applied to a function when it actually is. I don't think that it matters what the attribute is. All of the same downsides apply. The primary difference with @safe over some of the others is that you can reverse it, whereas you can't with most of them. But even then, you can't tell a template to infer @safe when you've marked the whole file with @safe, so while you can change which level of trust you're applying to a function, you can remove the trust attributes entirely once one of them has been applied. Personally, I think that it's almost always a mistake to mass apply attributes - especially those that can be inferred in templated code. It does not play well with templates, and it causes maintenance problems. - Jonathan M Davis
