safe vs. unsafe (Was: Haskell Platform proposal: Add the vector package)

Yitzchak Gale gale at
Sun Jul 15 13:48:20 CEST 2012

Posting to libraries only.

Brandon Allbery wrote:
>>> And now I'm having a "so what's the point?" moment?  All this effort so
>>> we can just mark random stuff as
>>> Trusted anyway?

Henning Thielemann wrote:
>> Today we have 'unsafePerformIO'. So if we praise the merits of Haskell's
>> strong type system and then mention 'unsafePerformIO' the audience will ask
>> "so what's the point of type safety then?" Well, the point is that
>> unsafePerformIO is strongly discouraged and every use of it should be
>> considered carefully.

> We've just been told *not* to consider carefully for purposes of marking a
> module as Trustworthy; an argument based on considering carefully is not
> relevant.

In the vast majority of cases it's a no-brainer that your module
can be marked at least Trustworthy, if not Safe. The paper gives
well-defined simple criteria for when there might be a problem.
In the rare instance where there might be a problem, then yes,
you do devote some thought to it. And if you get it wrong, it's
just a bug that needs to be fixed, like anything else.

Safe Haskell automates the kind of sanity check that
we all know we should be doing for everything we write,
but have been neglecting because it takes too much time.
That makes it practical, not just theoretically possible.
That's a huge value. And it's very easy to implement,
hardly any effort. See Simon's paper.


More information about the Libraries mailing list