On Friday, 22 May 2020 at 14:43:27 UTC, bachmeier wrote:
If you're compiling a program that calls into C, you know that's what you're doing, so you know you've given up any guarantees of safety.
The entire problem is that with DIP 1028, I *don't* know what I'm doing, because the compiler will silently allow me to write @safe D code that calls into unsafe C code.
Keep in mind that none of this requires *me* to write the call to C directly. It could be buried several layers deep in a dependency, and merely cause a D function I call to be incorrectly inferred as @safe.
