this post was submitted on 10 Nov 2024
199 points (92.7% liked)

Programming

17313 readers
100 users here now

Welcome to the main community in programming.dev! Feel free to post anything relating to programming here!

Cross posting is strongly encouraged in the instance. If you feel your post or another person's post makes sense in another community cross post into it.

Hope you enjoy the instance!

Rules

Rules

  • Follow the programming.dev instance rules
  • Keep content related to programming in some way
  • If you're posting long videos try to add in some form of tldr for those who don't want to watch videos

Wormhole

Follow the wormhole through a path of communities [email protected]



founded 1 year ago
MODERATORS
top 50 comments
sorted by: hot top controversial new old
[–] rational_lib 7 points 2 days ago (1 children)

Imagine if there was a hack so bad that it caused everyone to become unable to develop in C and C++.

Classic "let's just make the cure worse than the disease" mindset among security enthusiasts.

[–] [email protected] 0 points 1 day ago* (last edited 1 day ago)

Imagine if there was a hack so bad that it caused everyone to become unable to develop in C and C++.

Well, there is one that will imply you can only develop using anything that you have bootstrapped yourself, using hardware that you have designed and manufactured yourself, using tools that you have designed and manufactured yourself, using tools that you have designed and manufactured yourself ...

... with your own bare hands.

[–] riodoro1 39 points 3 days ago (1 children)

The US government has more pressing issues I think.

Maybe it can shut the fuck up an let me do my job in contrast to its judicial branch.

[–] [email protected] 4 points 3 days ago (1 children)

What if I told you the judicial branch is doing its job because it was always evil to begin with?

[–] riodoro1 4 points 3 days ago

I would say you’re right

[–] Solemarc 85 points 3 days ago

I don't get why we're taking a swing at Linus here. The article only mentions him in relation to the rust for Linux project being slow going. But, it IS going and the US government has only stated that "you need a plan to move to a memory safe language by 2025 or you might be liable if something bad happens as a result of the classics (use after free/double free/buffer overflow/etc.)" but I don't think Linux would count it's free software and it does have a plan.

[–] [email protected] 135 points 4 days ago (17 children)

Why the swipe at Linus? He's been supportive of rust in the Linux kernel.

[–] nutsack 10 points 3 days ago* (last edited 3 days ago) (1 children)

they don't swipe him at all. I don't know why his picture is there

[–] [email protected] 8 points 3 days ago

because that makes people click

load more comments (16 replies)
[–] LovableSidekick 7 points 2 days ago* (last edited 2 days ago)
[–] [email protected] 85 points 4 days ago

If only it were that easy to snap your fingers and magically transform your code base from C to Rust. Spoiler alert: It's not.

How utterly disingenuous. That's not what the CISA recommendation says, at all.

[–] [email protected] 2 points 2 days ago

Need more carrot

[–] [email protected] 13 points 3 days ago

well, i'm glad the US government is at least aware what C and C++ are!

[–] [email protected] 10 points 3 days ago (2 children)

The comment thread in that article is interesting. Grep for Ada.

[–] omega_x3 7 points 2 days ago

The US government hates anything that can perform math too fast.

[–] MajorasMaskForever 5 points 2 days ago

As someone who learned Ada for a defense job years ago, I've been wondering how long it was going to take until I saw others comparing Rust to it, both in the sense of the language "safety" goals and the USG pushing for it.

While the rust compiler is leagues better than any Ada compiler I ever had the misfortune of dealing with, the day to day pain that Rust incurs will probably always be a thorn in it's side

[–] morphballganon 16 points 3 days ago (1 children)

"Oh, I thought I was coding in Python. Oops!"

Continues coding in C++

load more comments (1 replies)
[–] tourist 29 points 3 days ago (4 children)

My friend from university sends me his Rust code snippets sometimes. Ngl it looks like a pretty cool language.

There was also that tldr reimplemention in Rust that is a gatrillion times faster than the original.

I really want to give it a try but I have executive dysfunction and don't have any ideas of what I could use it for.

[–] [email protected] 21 points 3 days ago (6 children)

The main issue I have with rust is the lack of a rust abi for shared libraries, which makes big dependencies shitty to work with. Another is a lot of the big, nearly ubiquitous libraries don't have great documentation, what's getting put up on crates.io is insufficient to quickly get an understanding of the library. It'd also be nice if the error messages coming out of rust analyzer were as verbose as what the compiler will give you. Other than that it's a really interesting language with a lot of great ideas. The iterator paradigm is really convenient, and the way enums work leads to really expressive code.

[–] [email protected] 13 points 3 days ago (3 children)

As someone that have worked in software for 30 years, and deplying complicated software, shared libraries is a misstake. You think you get the benefit of size and easy security upgrades, but due to deployment hell you end up using docker and now your deployment actually added a whole OS in size and you need to do security upgrades for this OS instead of just your application. I use rust for some software now, and I build it with musl, and is struck by how small things get in relation to the regular deployment, and it feels like magic that I no longer get glibc incompatibility issues.

[–] [email protected] 2 points 2 days ago (1 children)

Maybe for your use cases that's OK, but there are many situations where the size and ease of upgrading provided by shared libraries is worthwhile. For example it would suck to need to push a 40+ GB binary to a fleet of systems with a poor or unreliable internet connection. You could try to mitigate this sort of thing by splitting the application up into microservices, but that adds complexity, and isn't always a viable tradeoff if maximizing compute efficiency is also a concern.

[–] calcopiritus 1 points 2 days ago* (last edited 2 days ago)

I'm not so sure that dynamic libraries always reduces the size. Specially with libraries that are linked by a single binary.

With static libraries, you can conditionally compile only the features you're gonna use. With dynamic libraries, however, the whole library must be compiled.

EDIT: just to clarify, I'm not saying that static libraries result always in less size. I'm saying that it's not a black and white issue.

load more comments (2 replies)
[–] [email protected] 14 points 3 days ago (1 children)

Documentation is generally considered one of the stronger points of rust libraries. Crates.io is not a documentation site you want https://docs.rs/ for that though it is generally linked to on crates.io. A lot of bigger crates also have their own online books for more in depth stuff. It is not that common to find a larger crate with bad documentation.

[–] [email protected] 2 points 1 day ago

One specific example I encountered was ndarray. I couldn't figure out how to make a function take an array and an arrayslice without rewriting the function for both types. This could be because I'm novice with the language, but it didn't seem obvious. I ended up giving up after trying to dig through the docs for a few hours and went back to C++.

load more comments (4 replies)
[–] SpaceNoodle 3 points 2 days ago (1 children)

Of course its rewrite is nearly infinitely faster than the original JavaScript.

[–] tourist 4 points 2 days ago (1 children)

oh

lol

didn't cross my mind that someone would make a CLI program in js

I mean, I've done it, but I am a registered dunce cap owner.

[–] SpaceNoodle 2 points 2 days ago

Well, so is that guy.

[–] [email protected] 16 points 3 days ago (3 children)

Rust is definitely a really cool language (as someone who has played with it just a little) but it's quite headache inducing, at least for me at the moment.

[–] [email protected] 13 points 3 days ago

It has a steep learning curve, but it's super nice to use once you're over the initial bump

load more comments (2 replies)
[–] [email protected] 11 points 3 days ago

fn executive() {}

[–] HiddenTower 13 points 3 days ago (1 children)

I thought the US Government bought a lot of software in Ada, so I hope they continue with that.

load more comments (1 replies)
[–] it_depends_man 23 points 4 days ago (3 children)

To address this concern, CISA recommends that developers transition to memory-safe programming languages such as Rust, Java, C#, Go, Python, and Swift.

If only it were that easy to snap your fingers and magically transform your code base from C to Rust.

guy_butterfly_meme.jpg is this unbiased journalism?

load more comments (3 replies)
[–] iAvicenna 11 points 3 days ago
load more comments
view more: next ›