[ prog / sol / mona ]

prog


Is Rust really stable and safe?

1 2021-02-06 04:49

I see the issue tracker filled with crashes and severe bugs, but everyone preaches
how Rust makes the code much more secure and bug-free.
They also seem to be changing syntax every few months, but claim its stable with some
"semantic versioning" magic(how?). Do i have to rewrite code every year?
It seems there is huge disconnect with reality here, or really good marketing..

2 2021-02-06 07:51

It's marketing held together by people who don't know better. Companies enable it, by blatantly lying about how it's the first language to focus on speed and safety; it's not, and it doesn't even focus on safety well.

Rust is simply the effeminate man's Ada.

3 2021-02-06 10:02

I am pretty sure it is a cult. Every time I see someone mention anything slightly negative about it, they get dogpiled by a bunch of "rustaceans" who then proceed to complain about some grand conspiracy to discredit the One True Language that will save the world from the sins of C.

4 2021-02-07 10:27

Rust Nightly has been broken for 3+ days
https://github.com/rust-lang/rust/issues/81531

5 2021-02-08 17:33

and now for a message from our sponsors;
https://foundation.rust-lang.org/posts/2021-02-08-hello-world/

6 2021-02-08 18:20 *

>>5

As a flurry of blog posts from community leaders discussed in 2016: Rust’s product is not a programming language or a compiler. Rust’s product is the experience of being a Rust developer and it follows that Rust’s website declares its official slogan: “A language empowering everyone to build reliable and efficient software”.

Definitely not a cult.

7 2021-02-08 19:21

>>6

empowering

My heuristic is to stay away from anything or anyone who uses this word.

8 2021-02-08 20:12

Rewrite it in Rust strikes major python package
https://github.com/pyca/cryptography/issues/5771

9 2021-02-08 23:00

>>7
My thoughts exactly.

10 2021-02-11 05:28

>>8
Gentoo starts dropping architecture support because of Rust.
https://lwn.net/SubscriberLink/845535/b994663dd32cf51c/

11 2021-02-11 08:00

Show me just a single security vulnerability in Rust code.

12 2021-02-11 10:46 *

>>11

13 2021-02-11 10:47 *

>>12
I broke schemebbs again.

14 2021-02-11 10:48 *

>>12,13
#[allow(unsafe_code)]

15 2021-02-11 11:36

>>11
https://www.cvedetails.com/vendor/19029/Rust-lang.html

16 2021-02-11 11:47

>>11
https://medium.com/@shnatsel/how-rusts-standard-library-was-vulnerable-for-years-and-nobody-noticed-aebf0503c3d6
How Rust’s standard library was vulnerable for years and nobody noticed

17 2021-02-11 11:53

vulnerabilities in rust crates;
https://cve.mitre.org/cgi-bin/cvekey.cgi?keyword=rust

18 2021-03-01 14:04

Safe specifically refers to memory safety, it makes no promises outside of that. By attempting to solve the memory safety issue they also solved things like data races and issues with concurrency. That's all the "Safe" marketing is referring to.

As for stability I've only been using (non-nightly Rust) for a few months now, but haven't come across a single issue. That being said Rust 2018 got a huge overhaul and now that they got a foundation I'm sure there's going to be another roadbump to align to corporate interests but I'm pretty sure after that the fact that companies like Amazon and Microsoft want to use Rust to replace all of their back-end infrastructure leads me to believe there won't really be rocking the boat much after that.

19 2021-03-07 05:29

>>18
Are you an effeminate man?

20 2021-03-07 09:58 *

>>19
You have to go back.

21 2021-03-08 07:56

Rust fall out of grace already, Zig is the next big thing: https://lobste.rs/s/eppfav/why_i_rewrote_my_rust_keyboard_firmware

22 2021-03-08 10:09 *

>>21
Saying that it fell out of grace now is doing a favour, it fell out long ago.

23 2021-03-08 20:19

>>22
What do you mean, last week they were still raging about how support for architectures that don't have corporate backing should be abandoned so that Rust don't have to write a compiler backend for them.

24 2021-03-09 04:08 *

>>23
Rust was almost dead on arrival, the only thing pushing it for the community not mozilla was a evangelist revival of cargo cultist believing acting like you can solve programmers stupidity with safety mechanisms they will probably turn off all the time and if they couldn't, run off complaining they can't do anything with the language. Those cargo cultist are vary quick to latch onto something else. I'm sure zig has already fell out of grace, remember nim and dart.
As for mozilla and people who understand how the mechanisms work down to the metal, it's probably a vary productive language for their usecases, not the general community around it.
Same for golang, does anyone here understand what a plan9 rune and dial are, those abstractions are basic for golang, it's almost like golang is for the bell labs rapefuges working at google now.
You seam to now be talking about the disorder columnist and journalist seam to have, this is both from lasiness and something being known, mozilla is an easy target for drama and even ''nontechies'' will latch on.

25 2021-03-09 16:16

https://github.com/uutils/coreutils/ - "Cross-platform Rust rewrite of the GNU coreutils"

* Hosted on MS GitHub
* .vscode directory in the project root
* "Badges" in the README
* MIT license, used incorrectly
* Discord link
* No info manual

I don't care about Rust the language, but the Rust community is disgusting.

26 2021-03-09 17:01

>>25
How is it used incorrectly? If you mean the GPL dependencies, my understanding is that they will just cause the whole thing to be protected under the GPL, but only as long as they are actual dependencies. If they were to be replaced with pushover or proprietary alternatives, the coreutils itself could be used to oppress users. Am I wrong about this?

27 2021-03-09 18:06

>>26
Should have added an "apparently", at least according to https://app.fossa.io/projects/git%2Bgithub.com%2Fuutils%2Fcoreutils/refs/branch/master/cb61eae70969054ce2e4eb0b35dabecfb387fb4f/preview

28 2021-03-10 12:55 *

>>25
Wait till the year of RustOS/LispOS Desktop.

29 2021-03-10 17:07 *

>>28
you mean retoxos and mezzos?

30 2021-03-20 13:02

>>10
That's what you get having your package manager on fucking Python

31 2021-03-20 13:04

>>16
Holy cow, they tried to downplay a CVE

32 2021-03-20 13:07

>>21
Zig is also a syntax mess
For example

const std = @import("std");

pub fn main() !void {
    const stdout = std.io.getStdOut().writer();
    try stdout.print("Hello, {s}!\n", .{"world"});
}
33 2021-03-22 05:47 *

>>32
Which part is hard to understand for a hello world program?

34


VIP:

do not edit these