Check that every function has a memory safety attribute (e.g., @safe)

[mcandre]

As an engineer, I want my D code to promote better memory safety, so that my applications run more reliably. Could D-Scanner add a rule to check that every function has an associated memory safety attribute (either @safe, or @trusted, or @system)?

[ghost]

Yes that's possible. However since D functions are often templatized and since their attributes are inferred this brings a question: should the the check warn on templatized function without memory safety ? (I think it shouldn't).

[mcandre]

Perhaps not by default. I’m just asking for the option to enable such a check. I am considering writing many applications in D as a compromise between portability vs safety. I understand that @safe is only the beginning for memory safety, and often requires manual effort and @trusted in practice. However, it’s better than nothing!

If some D linter could at minimum offer a configuration / flag to enable @safe, @trusted checks for my functions, then I would consider writing more D code. Otherwise, I’m sticking with Rust and Go, which are basically safe out of the box.

[ghost]

The check can definitively be done. Any takers ? There are already plenty of other checks inspecting the attributes (as example).

[wilzbach]

There's one very similar one which enforces this for all unittests (it's used for Phobos)