On Friday, 6 February 2015 at 23:21:50 UTC, weaselcat wrote:
On Friday, 6 February 2015 at 23:02:54 UTC, Zach the Mystic
wrote:
No, at least three of us, Steven, H.S. Teoh and myself have
confirmed that we've moved beyond requesting @trusted blocks.
We are no longer requesting them. We are requesting *@system*
blocks, which can only appear in @trusted and @system
functions. Any unsafe code appearing in a @trusted function
which is not inside a @system block is an error. We've changed
the name, but I think it will make a world of difference
regarding how you will look at it. Marking '@system' code
inside a @trusted function is exactly what is requested. Your
message about '@trusted' being only acceptable as an interface
has been heard. There will be no @trusted blocks, only @system
blocks, which are the exact same thing, except they can only
appear in @trusted and @system functions.
This solution appeals to me greatly. It pinpoints precisely
where unsafe code can generate; it catches unintended safety
violations in all @trusted code outside @system blocks, as
requested by many people so far; it makes systems programming
highly visible, with redundancy at the function signature and
at the unsafe code itself. I really think it's spot on!
this sounds interesting, is anyone going to make a DIP for it?
It was Teoh's idea. Maybe he should have the honors?
