
Rust: rename 'unsafe' to 'trusted.' (2014) - protomikron
https://github.com/rust-lang/rfcs/pull/117
======
protomikron
A very old discussion where Rust's syntax was heavily in flux, so that ship
has probably sailed ...

In my opinion the author has a point: some libraries (e.g. stdlib) _need_ to
use 'unsafe' to implement certain concepts, but its usage in general is
heavily discouraged - similar to the situation in Haskell-land where they have
unsafePerformIO.

Obviously you are expected to "know what you are doing", when using 'unsafe',
and you really should only use it if there is no better alternative.

However it might also lead to cases, where the language gets (unjustly) ruled
out for certain projects, as people don't _want_ to write something that's
_unsafe_ , so maybe 'trusted' or something similar (without a negating prefix)
might have been a better choice. In the end this is obviously just cosmetics
and the compiler and the machine won't care, but I am not sure if it is the
same for _people_.

Thoughts?

~~~
steveklabnik
I agree :p

I don’t think it’s _that_ big of a deal, though people do sometimes still
misunderstand. Every language has warts. This isn’t a huge one.

~~~
vkjv
I like the use of "unsafe" for something that you don't want to reach for
first. Those who are new get a very clear warning and those who aren't have
had the opportunity to understand the nuances.

React uses the term "danger" to express a similar concept. You are trusting
this value to already have been sanitized / escaped.

[https://reactjs.org/docs/dom-
elements.html#dangerouslysetinn...](https://reactjs.org/docs/dom-
elements.html#dangerouslysetinnerhtml)

¯\\_(ツ)_/¯ I don't actually feel that strongly about a keyword that is used
sparingly.

Aside: Thanks for everything you do for Rust and the community!

~~~
moosingin3space
I think "unsafe" was a good name. Rails ERB templates use the `html_safe` name
for something that the author knows to be HTML-safe, which is confusingly-
named, implying that using `html_safe` makes something HTML-safe.

