On 24-06-2012 15:40, Jonathan M Davis wrote:
On Sunday, June 24, 2012 15:30:15 David Nadlinger wrote:
There is a serious @safe-ty issue with the current
implementation: randomUUID/parseUUID are marked @trusted, but
take an arbitrary range as template parameter, the methods of
which might be @system.
Nice catch. I failed to notice that and should have. @trusted on templated
functions is generally wrong.
I'm aware that this mistake is astonishingly easy to make, and
that code like that can be extremely tiresome to get right –
there is no way to mark only a part of a template function
@trusted, so you can rely on inference for handling cases where
safety depends on the template arguments. I should really try to
find the time to finish my @trusted rant post soon…
It can be done with helper functions and code duplication. I did it for save
in the recently added std.range.RefRange. But it's definitely true that it
would be nice to be able to somehow mark certain function calls or statements
within a templated function as being @trusted without marking the whole thing
as @trusted.
- Jonathan M Davis
Call me weird, but that seems like it would completely undermine the
@safe'ty system, no? Maybe I'm misunderstanding? It just seems like that
kind of escape hatch would result in @safe meaning basically nothing...
--
Alex Rønne Petersen
a...@lycus.org
http://lycus.org
