That’s no different from
<[T]>::get_unchecked. This kind of thing is exactly what
unsafe is there for. Even
v.set_len(v.capacity()) will trivially leak information.
Why do you think they’d be more successful at avoiding unsound code when they have to write all of it, rather than just call
Just because you run panic-abort, that doesn’t mean libraries should be written in ways that don’t work with panic-unwind. I consider libraries that aren’t panic-safe a much bigger problem than an an