On Wednesday, 16 June 2021 at 11:38:54 UTC, RazvanN wrote:
> Currently, @trusted applies only to functions. This is most of the times a pain when you want trusted code blocks inside functions. Why not simplify it a bit by using trusted scope blocks? E.g. this:
void foo() @safe
{
() @trusted { ... }();
}
becomes this:
void foo() @safe
{
@trusted
{
....
}
}
To make things easier, @trusted does not insert a scope (similar to static if
).
Of course, the feature would be additive (you can have both trusted functions and code blocks).
That would also provide an elegant workaround if void initialization is rejected in @safe code [1][2]. For example:
void foo() @safe
{
@trusted
{
int[100] a = void;
}
...
}
What do you think?
Cheers,
RazvanN
[1] https://issues.dlang.org/show_bug.cgi?id=17566
[2] https://github.com/dlang/dlang.org/pull/2260
I don't like that this allows implicitly lowering the safety level of any given function. As per example, the foo() function isn't @safe anymore, but @trusted. Which in turn should be reflected in the function signature. If this function is marked as @safe, I expect it to be @safe and not perform any shady stuff inside it. To me this really looks like foo() should be @trusted instead.
What I like more, is permitting to temporarily increase the safety level by using eg @safe blocks inside a @trusted function. For example
void foo() @trusted
{
int[100] a = void;
@safe
{
// Code with safety checks
}
}
Overall, if something like this is implemented, it should support all safety levels for blocks, including @safe and @system, for consistency purposes