Merged
Conversation
jkotas
approved these changes
Sep 15, 2025
This was referenced Sep 16, 2025
Closed
EgorBo
approved these changes
Sep 19, 2025
Member
Author
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
3 participants
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
Rendered markdown
We plan to make memory safety a focus for the next couple releases. This document describes the overall plan and motivation. It references #330, which is an important part of the plan. Memory safety has always been a critical design tenet of C# and .NET. Now is a good time to revisit memory safety design assumptions and product behaviors. We believe we have an opportunity to significantly improve security posture for all .NET developers with this project.
Our plan is significant, however, it is not a breaking change. We plan to make the proposed behaviors opt-in for existing code. Like nullable, new templates may opt users into the new plan, however, those decisions are still months away and not important at this stage.
This plan is the result of a collaboration across language, libraries, runtime, and security design teams. We will be publishing additional design docs as the project progresses. We plan to make the dotnet/runtime repo the key focus for the project. Improvements to the core libraries lift all boats and also enable higher-level libraries and apps to be written with more accurate information on safety, per the design in the caller unsafe spec. We also believe that few other projects have more expansive or stringent requirements as dotnet/runtime.