On Friday, 6 February 2015 at 23:25:02 UTC, Walter Bright wrote:
I suspect that such a feature would simply lull people into a
false sense of security in that merely tagging an unsafe cast
with @system and the compiler accepting it is good enough.
My evidence for this is how @trusted was used in Phobos.
How is adding @system to some operations *in addition to* adding
@trusted to the function declaration more likely to lull people
into a false sense of security than just adding @trusted right
now?
Let me also point out that the cases where the @system block
equivalent is used right now (like in std.file, or the trustedXyz
functions in std.array) are NOT the ones that actually have
safety bugs in them (such as std.array.uninitializedArray or
std.uuid.randomUUID). The two latter examples were actually
written in your preferred style.
David
