D is not clean. It already has some cruft. For example, there should be no "@safe" annotation but an "@unsafe" one. Unfortunately, D picked the wrong default back then.
Pardon the pun, but @safe is a safe choice. IMHO, for general language it is more productive by having low hanging fruits as the default. The popularity follows consumer->enterprise->military->aerospace, and safety gets more critical up the systems food chain. That's propably the main reason Ada is not a common or popular programming language since it is for higher end of the food chain.
This makes more sense as an argument for dynamic typing or GC by default than a “safe” keyword, imo.
From my experience with Rust, there’s basically _never_ any cost in sticking to safe code. The standard library and crates pretty much always give you enough tools.
Unsafe is really only ever needed if you’re implementing the core of an abstraction, which is probably not something that’s going to deter “casual” users imo.
The borrow checker and and type system definitely can be thorny at times, though. Other times they’re very easy to work with! But having a more ergonomic way to fall back to Java-like behavior, if only for debug builds, would make languages like Rust _much_ more accessible.
