czw., 5 gru 2019 o 09:15 Alexander Grund via Boost
``` void fixed_string<N>::resize(size_type s) { BOOST_FIXED_STRING_PRECONDITION(s <= this->capacity()); // then do the job } ```
+1 on that. I'm always advocating for safe-by-default and found it a huge mistake to make operator[] the unchecked one instead of at()
So using BOOST_FIXED_STRING_PRECONDITION which throws by default is the right choice IMO.
However, in order for this to be implemented in `fixed_string`, the library authors would have to make (and document) a design decision that contract for using this library is that users write the code so that resizing never exceeds capacity, and if such condition is nonetheless ever detected it is treated as programmer bug. But my impression is that the library has taken a different route: it is absolutely fine to resize over capacity, and in this case the program will simply jump to a different place in the execution flow (throwing an exception does this), and user deliberately triggers this event because she wants to get to this specific place in program execution. But the library never documented which design was chosen, so I do not even know if it makes sense to suggest BOOST_FIXED_STRING_PRECONDITION(). Regards, &rzej;
_______________________________________________ Unsubscribe & other changes: http://lists.boost.org/mailman/listinfo.cgi/boost