On 2019-12-05 11:15, Alexander Grund via Boost wrote:
``` void fixed_string<N>::resize(size_type s) { BOOST_FIXED_STRING_PRECONDITION(s <= this->capacity()); // then do the job } ```
+1 on that. I'm always advocating for safe-by-default and found it a huge mistake to make operator[] the unchecked one instead of at()
So using BOOST_FIXED_STRING_PRECONDITION which throws by default is the right choice IMO.
I'm strongly opposed. Make it a BOOST_ASSERT if you like but no checks in release mode, please. What's the point of this check when your index is guaranteed to not exceed size()-1? In my whole programming practice, not once did I need at(). Not only because I didn't need the check at this point, but also because even if I did need a check at some point before operator[] call, I also was not satisfied with the exception at() would throw.