Re: [dev] Checksums and Sig files for release gzip

From: Laslo Hunhold <dev_AT_frign.de>
Date: Sat, 17 Apr 2021 17:57:05 +0200

On Sat, 17 Apr 2021 17:42:50 +0200
Mattias Andrée <maandree_AT_kth.se> wrote:

Dear Mattias,

> I've completely ignored Rust. What's the problem with it?

in regard to my argument: It has abysmal compile times and the compiler
is extremely bloated.

In general though, I see multiple issues with it: The crate-system
completely circumvents package-systems and a Rust program quickly
depends on dozens of crates, enabling the risk of problems we've seen
numerously with node.js (e.g. the leftpad-fiasco).

Language wise, I like the security concepts of it and it's true that
memory issues are the main bugs in a usual C-program, however,
languages like Ada (which is standardized and stable) has had the same
features for years and even goes beyond that (concurrency built into
the language, guarantees, much easier to read, etc.), allowing
compile-time guarantees against data-races and memory ownership. It's a
good foundation you can build your code on, and that's what nuclear
power plants and airplanes are programmed with.

Compared to that, programming in Rust is like building on sand. A lot
of elementary stuff is put into separate crates, there are 10 competing
ways to do things and the "favourite" method changes every few months,
requiring people to heavily invest time into restructuring their
programs and keeping up with the pace.

Anyway, I can't say it enough: Check out Ada 2012 (and the SPARK
subset) if you care about "secure" languages. It's not as lean as C, but
you end up solving so many problems with it, especially in regard to
software engineering and safety.

With best regards

Laslo
Received on Sat Apr 17 2021 - 17:57:05 CEST