Going nearly crazy

the challenge is not debugging and hoping those buffer overflows will never happen.

As your strings can't grow, you'll find legit (or wrong) situations where you'll have to handle that ➜ If your code needs to be robust and ready for wrong user inputs, a misbehaving Serial line, a web server suddenly dumping a long answer, hackers trying to inject faults etc., you almost always need to test for possible overflow because as you said such an issue would lead to

So even with the SafeString library you need to look at the API for each operation to know if there was an error.
You do that after the fact, possibly after messing up the content of a string.

hence my question:

if you take the trust but verify approach (option 1), and you discover the operation failed, then you need code to unwind whatever was done to the string so that you can take corrective action ==> that means doing unnecessary work twice (and is possibly complicated).

if you check first (option 2), you don't mess up your data and handling the error is usually easier (no unwinding to do).

so you have to write testing code anyway, and if you do, you won't have to worry about
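As an added illustration of the two options described above (this is constructed example code, not from the thread or from the SafeString library, and `FixedString`, `tryAppend`, `appendThenVerify` and `truncate` are made-up names): a minimal fixed-capacity string with a check-first append beside an append-then-verify one, plus the unwind step the second approach forces on the caller.

```cpp
#include <cstddef>
#include <cstring>

// Minimal fixed-capacity string (constructed example, not SafeString's API).
template <size_t CAP>
class FixedString {
public:
    FixedString() { buf_[0] = '\0'; }
    size_t length() const { return len_; }
    const char* c_str() const { return buf_; }
    // Option 2: check capacity first. On failure nothing is written,
    // so the caller has nothing to unwind.
    bool tryAppend(const char* s) {
        size_t n = std::strlen(s);
        if (n > CAP - len_) return false;
        std::memcpy(buf_ + len_, s, n + 1);  // includes the terminating NUL
        len_ += n;
        return true;
    }
    // Option 1: append what fits, then report whether all of it fit.
    // On overflow the buffer holds a truncated tail until the caller unwinds.
    bool appendThenVerify(const char* s) {
        size_t n = std::strlen(s);
        size_t room = CAP - len_;
        size_t copied = n < room ? n : room;
        std::memcpy(buf_ + len_, s, copied);
        len_ += copied;
        buf_[len_] = '\0';
        return copied == n;
    }
    // The unwind step option 1 needs: roll back to a previously saved length.
    void truncate(size_t newLen) {
        if (newLen < len_) { len_ = newLen; buf_[len_] = '\0'; }
    }
private:
    char buf_[CAP + 1];  // +1 for the NUL terminator; never overrun
    size_t len_ = 0;
};

// Feed an over-long request line to both approaches; returns true when each
// buffer ends in a known state (option 2 untouched, option 1 rolled back).
bool handleOverlongInput() {
    FixedString<8> checkFirst, verifyAfter;
    bool ok1 = checkFirst.tryAppend("GET /");          // 5 chars, fits
    bool ok2 = checkFirst.tryAppend("index.html");     // 10 chars, rejected, no change
    size_t saved = verifyAfter.length();
    bool ok3 = verifyAfter.appendThenVerify("GET /index.html");  // only 8 copied
    if (!ok3) verifyAfter.truncate(saved);             // unwind before recovering
    return ok1 && !ok2 && std::strcmp(checkFirst.c_str(), "GET /") == 0
        && !ok3 && verifyAfter.length() == 0;
}
```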