That's a question of API, not type system. And FD types (e.g. OwnedFd, BorrowedFd) are already in std.
BB_C
joined 2 years ago
There is the odd (genuine) security issue tbf. But they are more of the variant:
"If an attacker is close enough to sneak that on me, then I'm probably already screwed."
Why are you hallucinating facts?
- There is no "team of 200 rust developers".
- " developer" is not an identity.
- uutils is not a "professional" project, as in people are paid by the (non-existing) uutils company to work on it.
- The project started as personal hobby of one person during COVID, There were no 200 contributors who sprung up magically and simultaneously from the start.
They wanted to avoid the “politics” and are not entertaining comments or explaining their decisions. It’s not up for discussion.
If you think you saw a group of 200 people starting uutils and doing this. You should seek medical help.
Why does emit() take an owned E value?
mostly compatible with C
It's not mostly compatible, not even on the surface level, with any version of C post C89. And most of the ever-growing crap in the language came after the early years anyway, with constructs that are C++-exclusive.
compatible with C
myth
I will let you expand on this before responding to both:
And also, cargo.toml has inconsistencies and double-standards.
Not cargo per se, but even the tutorial for a cli-tool is like “setup clap, which has 20 dependencies and a kitchen sink”. The whole (cargo-centric) ecosystem is much like Node, with the same problems.
cargo new with-clap
cd with-clap
cargo add clap --no-default-features
% cargo tree
with-clap v0.1.0 (/tmp/with-clap)
└── clap v4.6.0
└── clap_builder v4.6.0
├── anstyle v1.0.14
└── clap_lex v1.1.0
And also, cargo.toml has inconsistencies and double-standards.
Can you expand on that?
Why do you think cargo is a problem?
Not sure how are you and @kibiz0r@midwest.social coming up with these concerns.
The only correct way to package such software is to vendor dependencies (packaged together or separately). And you can trivially change the sonames of vendored deps in your build scripts so that there are no conflicts whatsoever (I dual-package some stuff against an upstream and a fork and do just that). So dynamic vs. static is not the crux of the issue. The primary concerns are that distributors hate vendoring, irrespective of whether the vendored libs are linked in statically or dynamically. Distributors also hate potentially diverging forks maintained by random downstreams, which is what "patched dependencies" effectively are.
There is always room for some leeway of course, but that would depend on how relevant your software is, and/or whether a maintainer would want to take that burden on.
And finally, sometimes, such dependencies may provide added value that trumps all these concerns. So judging these things is always situational.
view more: next ›
Author couldn't help himself but do some "wisdomry" at the end!