[outsomnia]

If nothing else, const in an api is a very clear and welcome indication of what to expect.

Like myapi(uint8_t *dest, const uint8_t *src, size_t dest_len, size_t src_len), it's very clear what will be doing what with what.

You can cast const away and do something unexpected in there, but that's on you doing the Wrong Thing.

[tsimionescu]

In C, you don't even have to cast const away, since all pointer types are implicitly convertible between each other. So you can pass a `const int*` to a function that takes a `int*` with only a compiler warning, no errors.

[outsomnia]

Actually what's a warning or not is implementation defined, it's not defined in C.

If you're serious about your code, you will turn on -Werror -Wall -Wextra and anything else you don't like the look of, use static analysis and so on that makes this class of complaint moot.

[lmm]

> If you're serious about your code, you will turn on -Werror -Wall -Wextra and anything else you don't like the look of, use static analysis and so on that makes this class of complaint moot.

No it doesn't. No-one has ever come up with a concrete set of rules for how to build C and not have embarrassingly basic security bugs. It's always some vague "oh, if you use enough warnings and static analysis it's not a problem", and if you have security bugs evidently you weren't using enough, and if it's impossible to write anything or use any libraries then evidently you were using too many. A C language that actually works is vaporware.