On 11/19/2013 4:01 PM, Andrei Alexandrescu wrote:
> There's been recent discussion herein about what parameter validation method
> would be best for Phobos to adhere to.

Important is deciding upon what the notions of "validated data" and "untrusted data" are.

1. Validated data should get asserts if it is found to be invalid.

2. Untrusted data should get exceptions thrown if it is found to be invalid (or return errors).

For example, consider a utf string. If it has passed a validation check, then it becomes trusted data. Further processing on it should assert if it turns out to be invalid (because then you've got a programming bug).

File open failures should always throw, and never assert, because the file is not part of the program and so is inherently not trusted.

One way to distinguish validated from untrusted data is by using different types (or a naming convention, see Joel Spolsky's http://www.joelonsoftware.com/articles/Wrong.html).

It is of major importance in a program to think about what APIs get validated arguments and what APIs get untrusted arguments.

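The type-based distinction described in the message above, as an added D example that is not part of the original post or of Phobos. `ValidUtf8`, `fromUntrusted` and `countCodePoints` are hypothetical names, and the sample bytes and file path are constructed.

```d
import std.exception : assertThrown;
import std.file : FileException, read;
import std.utf : UTFException, validate;

/// Hypothetical wrapper: holding a ValidUtf8 means the check already passed.
struct ValidUtf8
{
    private string data; // private is module-wide in D; keep the type in its own module

    /// Boundary for untrusted bytes: invalid input throws, it never asserts.
    static ValidUtf8 fromUntrusted(const(ubyte)[] raw)
    {
        auto s = cast(string) raw.idup;
        validate(s); // std.utf.validate throws UTFException on malformed UTF-8
        return ValidUtf8(s);
    }

    string text() const { return data; }
}

/// Receives validated data, so a bad byte here is a programming bug: assert.
size_t countCodePoints(ValidUtf8 v)
{
    size_t n;
    foreach (char c; v.text)
    {
        assert(c < 0xF8, "invalid byte in validated string"); // never valid UTF-8
        if ((c & 0xC0) != 0x80) // count every byte that is not a continuation
            ++n;
    }
    return n;
}

void main()
{
    // Constructed sample inputs.
    ubyte[] good = [0x68, 0xC3, 0xA9, 0x21]; // "hé!"
    ubyte[] bad = [0x68, 0xC3, 0x28];        // lead byte without continuation

    assert(countCodePoints(ValidUtf8.fromUntrusted(good)) == 3);
    assertThrown!UTFException(ValidUtf8.fromUntrusted(bad));

    // A file is outside the program, so failing to read it throws.
    assertThrown!FileException(read("/nonexistent/constructed-path"));
}
```

Because `assert` is compiled out with `-release`, the check in `countCodePoints` costs nothing in production builds, while the throwing check in `fromUntrusted` stays in place for every input that crosses the boundary.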