On 2/5/2015 8:24 PM, Dicebot wrote:
What is worse, as it has been already mentioned, it is not just a one time effort - careful review necessity taints all code that gets called from @trusted code.
That is only true if the @trusted code has an unsafe interface. Determining if a function has a safe interface is a far, far smaller and more tractable problem than examining all the code that calls it.