On Saturday, 28 July 2012 at 00:53:24 UTC, José Armando García
Sancio wrote:
On Fri, Jul 27, 2012 at 5:08 PM, David Nadlinger
<[email protected]> wrote:
2) The first step is necessary, but mainly of cosmetic nature
(think
`pure`, `pure2`). We still need to address for the granularity
and attribute
inference problem. The obvious solution is to add a "@trusted"
declaration/block, which would allow unsafe code in a certain
region.
Putting @trusted in the function header would still be allowed
for backwards
compatibility (but discouraged), and would have the same
effect as marking
the function @safe and wrapping its whole body in a @trusted
block. It could
e.g. look something like this (the @ prefix definitely looks
weird, but I
didn't want to introduce a new keyword):
Agreed. This is very similar to how Rust works. In Rust all the
functions are assumed to be @safe. Unsafe code can only be
performed
in clearly marked blocks. Note: I am not suggesting D should
implement
Rust's solution as David already pointed out.
-Jose
C#'s approach is also similar with the unsafe keyword.
