|
Boost : |
From: Andrey Semashev (andrey.semashev_at_[hidden])
Date: 2019-12-05 08:59:11
On 2019-12-05 11:15, Alexander Grund via Boost wrote:
>
>> ```
>> void fixed_string<N>::resize(size_type s)
>> {
>> Â Â BOOST_FIXED_STRING_PRECONDITION(s <= this->capacity());
>> Â Â // then do the job
>> }
>> ```
>
> +1 on that. I'm always advocating for safe-by-default and found it a
> huge mistake to make operator[] the unchecked one instead of at()
>
> So using BOOST_FIXED_STRING_PRECONDITION which throws by default is the
> right choice IMO.
I'm strongly opposed. Make it a BOOST_ASSERT if you like but no checks
in release mode, please.
What's the point of this check when your index is guaranteed to not
exceed size()-1?
In my whole programming practice, not once did I need at(). Not only
because I didn't need the check at this point, but also because even if
I did need a check at some point before operator[] call, I also was not
satisfied with the exception at() would throw.
Boost list run by bdawes at acm.org, gregod at cs.rpi.edu, cpdaniel at pacbell.net, john at johnmaddock.co.uk