I agree, people can be a little too afraid of unsafe. but I don't think it's necessarily ill-advised for a crate author to make a goal of removing unsafe from their crate.
crate authors that try to remove all unsafe often do it to relieve the burden of trust from the user.
_this_, in my opinion, is the power of the `unsafe` keyword (which probably should have been split into `trust_me` blocks and `check_yourself` functions). it constrains the conversations about memory safety into very tightly defined and auditable locations in the code, AND it creates new, manageable conversations about trust.
crate authors that try to remove all unsafe often do it to relieve the burden of trust from the user.
_this_, in my opinion, is the power of the `unsafe` keyword (which probably should have been split into `trust_me` blocks and `check_yourself` functions). it constrains the conversations about memory safety into very tightly defined and auditable locations in the code, AND it creates new, manageable conversations about trust.