[pjmlp]

Many of us feel that way.

We have a schizophrenic attitude towards C++.

On one way we love the language, the expressive power it gives us, the type safety taken from Simula and Algol, thanks to C++'s type system.

On the other hand like Chris puts it "has its own class of problems because itʼs built on the unsafety of C".

So some of us tend to work around it, by using safer languages and only coming down to C++ for those tasks, where those better languages cannot properly fulfil them.

But as the CVE database proves, it only works if everyone on the team cares about safety, otherwise it is a lost game, only fixable by preventing everyone on the team to write C style unsafe code to start with.

Sure nowadays there are plenty of analysers to ensure code safety, but they work mostly on source code and like any tool, suffer from people really caring to use them.

[duneroadrunner]

It's still in early development, but there is a tool[1] that automatically converts potentially unsafe C/C++ code to be memory-safe. If the problem is C/C++ programmers that write unsafe code, rather than trying to change their practices (or even change the language they program in) maybe it's more practical to just have a robot "fix" the code.

[1] shameless plug: https://github.com/duneroadrunner/SaferCPlusPlus-AutoTransla...