We should try to make as much of our API @safe as possible... with just a few instances of @trusted where needed.