On Wednesday, 3 October 2012 at 05:04:01 UTC, H. S. Teoh wrote:
Yes that's what I mean. If the format string is known at
compile-time
and known to involve only @safe code, then this would work.
Something
like this might work if CTFE is used to parse the format string
piecemeal (i.e., translate something like writefln("%d %s",x,y)
into
write!int(x); write!string(" "); write!string(y)). The safe
instances of
write!T(...) will be marked @safe.
It doesn't matter if the argument is known at compile-time or
not, because there's no way to know that without receiving the
format string as a template parameter, in which case it must
*always* be known at compile-time (runtime format string would
not be supported), and then the syntax is no longer writefln("%d
%s", x, y). Obviously, such a change is not acceptable.
I suppose we could just use @trusted
and call it a day.
No, that would be abusing @trusted. The function would no longer
be safe, *because it contains possibly unsafe code*. @trusted is
for safe functions that the compiler cannot prove safe.
