Nevin Liber wrote:
On 8 October 2013 13:17, Thorsten Ottosen wrote:
We just need to find a way to give both camps what they want, since both a valid use-cases.
No, we don't. Decide if your API has preconditions or not. For instance, the real difference between vector::operator[] and vector::at() is that the former has a precondition while the latter does not. If you define the behavior, it isn't a precondition, precisely because you are explicitly allowing it, and a correct program can call it with any value it likes.
This is, of course, one of the many hard parts of library design. Make strong choices. Making it "configurable" whether or not something is a precondition is a weak choice.
This, of course, doesn't mean you can't be friendlier if/when you detect a precondition violation in debug mode. But be very clear that it is a precondition violation resulting in undefined behavior.
+1