While it's great to have the ability to write proofs, I feel like the article makes it sound like it's some magic bullet that solves all the problems you have with mistakes and bugs in other languages. But really, there's nothing forcing you to even write said proofs, or define them properly, or turn spark mode on... so you can still make very large mistakes IMO that won't be caught by the compiler.
Ada
A community about the programming language, Ada.
About Ada Language
Ada is a modern, high-level programming language designed for developing reliable, efficient, and maintainable software systems. It was developed by the U.S. Department of Defense and is widely used in safety-critical and mission-critical applications. This community is dedicated to all things related to Ada, including discussions, tutorials, news, and projects.
Rules:
- Be respectful: Treat fellow community members with kindness and respect. Personal attacks, harassment, or any form of discrimination will not be tolerated.
- Stay on topic: Keep discussions focused on Ada language-related topics. Off-topic posts may be removed.
- No spam or self-promotion: Avoid excessive self-promotion or spamming of external links. Share relevant content and engage in meaningful discussions.
- Provide helpful and constructive feedback: When offering feedback on code or projects, be constructive and supportive. Help others learn and grow.
- Follow the instance wide rules.
agreed, and you have to get the proofs perfect, in whatever language in which they are expressed, to be useful. like you have to get the code correct twice to make sure it works once.
i think having safe patterns/apis where the compiler can automatically spot classes of potential error is a better approach
strong typing "Limited" in Rust? hmm :)
They're comparing it to Ada so maybe it's arguable. I'm not too familiar with Ada but I think it does have some type features that Rust doesn't. Though the example they gave (newtypes) is fairly easy in Rust too, and I'm sure Rust has type features Ada doesn't too.
Might be relevant to mention that Rust has formal verification methods available as well, similar to SPARK, but also optional. One that looks pretty appealing is this one: https://verus-lang.github.io/verus/guide/overview.html