remove several uses of unsafe (#8600)

This PR removes several uses of `unsafe`. I generally limited myself to
low hanging fruit that I could see. There are still a few remaining uses
of `unsafe` that looked a bit more difficult to remove (if possible at
all). But this gets rid of a good chunk of them.

I put each `unsafe` removal into its own commit with a justification for
why I did it. So I would encourage reviewing this PR commit-by-commit.
That way, we can legislate them independently. It's no problem to drop a
commit if we feel the `unsafe` should stay in that case.
Andrew Gallant 2023-11-28 09:50:03 -05:00 committed by GitHub
parent 578ddf1bb1
commit f585e3e2dc
GPG key ID: 4AEE18F83AFDEB23
10 changed files with 69 additions and 83 deletions

@ -415,12 +415,10 @@ impl<'a> Escape for AsciiEscape<'a> {
fn layout(&self) -> &EscapeLayout {
&self.layout
}
#[allow(unsafe_code)]
fn write_source(&self, formatter: &mut impl std::fmt::Write) -> std::fmt::Result {
formatter.write_str(unsafe {
// SAFETY: this function must be called only when source is printable ascii characters
std::str::from_utf8_unchecked(self.source)
})
// OK because function must be called only when source is printable ascii characters.
let string = std::str::from_utf8(self.source).expect("ASCII bytes");
formatter.write_str(string)
}
#[cold]
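Review bot: In `write_source`, the new `.expect("ASCII bytes")` turns a violated precondition into a panic inside a formatting call, even though the function already returns `std::fmt::Result`. Consider `std::str::from_utf8(self.source).map_err(|_| std::fmt::Error)?` so that unexpected bytes surface as a formatting error instead of unwinding through the caller. Separately, `from_utf8` accepts any valid UTF-8, not only printable ASCII, so both the comment and the `expect` message claim more than is actually checked; if the ASCII invariant matters here, a `debug_assert!(self.source.is_ascii())` would state it where it is relied on. The safe call also adds a linear validation pass per write, which is worth a line in the commit justification if this path is hot.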