This is here for me to link to/copypaste whenever this discussion comes up; it is not a complex debate and I am bored of repeating myself in lesser words:

  1. Any behaviours or outcomes that a tool or toolset allows by design to occur, will at some point occur.

  2. Software engineers should be as rigorous as possible.

  3. Even software engineers with decades of experience make simple errors in production code.

  4. Expecting software engineers to be less fallible than they consistently prove to be in the real world is not an expectation arrived at through non-emotional decision-making.

  5. Regardless of what confounding circumstances led to the decision to use an unsafe tool when safer alternatives are available, that decision to use such a tool is a decision to enable & accept the consequences of the undesired behaviours or outcomes that tool enables by design.

  6. Unless doing otherwise is truly necessary, using the most secure tools available in every non-trivial scenario is the most prudent, professional decision.