On 2/5/15 1:54 PM, H. S. Teoh via Digitalmars-d wrote:
However, I don't agree that the entire function can be marked @safe. Otherwise, @safe code will now contain arbitrary @trusted blocks inside, and so anybody can freely escape @safe restrictions just by putting objectionable operations inside @trusted blocks. The function still needs to be marked @trusted -- to draw attention for the need of scrutiny -- *but* the function body is still confined under @safe requirements, except that now the "escape hatch" of @trusted code blocks are permitted as well.
Let's assume @trusted means @safe code can call it, but it may have @system-like functionality in it (however it happens).
Whether it's in an internal lambda/nested static function or not, the point is, @safe code can call @trusted code. To say that @safe makes some promises above/beyond @trusted is just incorrect.
Now, if you're saying @trusted cannot be called via @safe, then I don't know what your plan is for @trusted :) If that's true, please explain.
-Steve
