• 245 Posts
Joined 6M ago
Cake day: Jun 13, 2023


Why are you doing

cards.iter_mut().for_each(|card| {

I don’t see that you mutate card anywhere, am I missing something?

Except if all developers, who are also power users of the internet, switches to another browser which allow ad blockers, all web based apps and websites will shift to work better in Firefox then on Chrome. Then the regular user will also switch.

A groundbreaking study by Mass Eye and Ear associates tinnitus with undetected auditory nerve damage, challenging previous beliefs and opening new paths for treatment through auditory nerve regeneration.

Semantic fuzzing of the Rust compiler and interpreter
Abstract This project introduces Rustlantis, a novel fuzzer capable of generating programs in Rust’s Mid-level Intermediate Representation that are deterministic and free from Undefined Behaviour. It has uncovered 13 previously-unknown bugs in the Rust compiler and LLVM which has caused miscompilations as well as crashes.

Nice to see fish RiiR moving forward
#fishshell rewrite-it-in #rust progress, 2023-11-20 76909 rust lines added 48105 / 77063 C++ lines removed ▓▓▓▓▓▓▓▓▓▓▓▓░░░░░░░░ 62 %

Ok, I don’t know what is more worrying, that a developer fails to find prettier on GitHub, or that a developer fails to Google it. But I guess that if you fail this, you were probably not the target audience for the challenge.

Building a Better Foundation for Rocket’s Future
Rocket 0.5 Released together with RWF2, a nonprofit organization designed to support Rocket and the surrounding ecosystem, financially and organizationally.

They say you should pass 95% of the Prettier JavaScript tests to win the price.

The Prettier Bounty is a challenge to write a prettier-compliant pretty printer in Rust

No, that is not a valid reason to look that bad, JetBrains Mono is a fixed with font and it manages to get the characters evenly distributed.

Just looked at the screenshot on the Victor Mono page and the kerning makes me want to rip my eyes out…

Ok, after reading some comments on other places, I think I get it now. While you are free to use their open sourced tool chain, which is what they have certified, you still doesn’t fulfilling the legal requirements unless you buy the certified tool chain. Just because it is open source, doesn’t legally guarantee that is what’s certified.

So, you pay to get the legal status of the certification. Did I understand this somewhat correct?

I must say I am a bit confused. They are open source, and some previous blog post said they are certifying upstream. Yet, they sell quality managed licenses. So, what are these licenses and why are they needed?

First-time contributors to Rust projects are about 70 times less likely to introduce vulnerabilities than first-time contributors to C++ projects
Abstract—New contributors are critical to open source projects. Without them, the project will eventually atrophy and become inactive, or its experienced contributors will bias the future directions the project takes. However, new contributors can also bring a greater risk of introducing vulnerable code. For projects that have a need for both secure implementations and a strong, diverse contributor community, this conflict is a pressing issue. One avenue being pursued that could facilitate this goal is rewriting components of C or C++ code in Rust— a language designed to apply to the same domains as C and C++, but with greater safety guarantees. Seeking to answer whether Rust can help keep new contributors from introducing vulnerabilities, and therefore ease the burden on maintainers, we examine the Oxidation project from Mozilla, which has replaced components of the Firefox web browser with equivalents written in Rust. We use the available data from these projects to derive parameters for a novel application of learning curves, which we use to estimate the proportion of commits that introduce vulnerabilities from new contributors in a manner that is directly comparable. We find that despite concerns about ease of use, first-time contributors to Rust projects are about 70 times less likely to introduce vulnerabilities than first-time contributors to C++ projects. We also found that the rate of new contributors increased overall after switching to Rust, implying that this decrease in vulnerabilities from new contributors does not result from a smaller pool of more skilled developers, and that Rust can in fact facilitate new contributors. In the process, we also qualitatively analyze the Rust vulnerabilities in these projects, and measure the efficacy of the common SZZ algorithm for identifying bug-inducing commits from their fixes.

rustc_codegen_cranelift is available on nightly!
Quite some exciting progress since the last progress report! There have been 180 commits since the last progress report. As of today, rustc_codegen_cranelift is available on nightly! :tada: You can run rustup component add rustc-codegen-cranelift-preview --toolchain nightly to install it and then either CARGO_PROFILE_DEV_CODEGEN_BACKEND=cranelift cargo +nightly build to use it for the current invocation or add

FYI: Not the author, just found it to be an interesting read. Notified the author, so lets hope he joins in for a nice discussion.

And the Copy question.It is not that s reference has to implement Copy. A reference IS Copy, by the simple fact that it is a primitive value on the stack.

A reference &T holds a pointer, ie. the memory adress to the actual content of T

So, in the example x doesn’t hold the value 42, it holds the memory adress to the memory there the integer value 42 is stored. So, to access the value, you need to dereference the reference. Which is why you need to use *x when you assign the value.

Fixed it… I come from a language culture were we like our negations :) Also, not native english speaker, so combine the two and you are in for a ride!

But isn’t it kind of obvious that if you are able to do 180k times improvement, then the baseline is probably not very impressive to begin with. Still, that doesn’t take away that the optimizations were impressive, and that it was interesting to read about it.

And if I understand it correctly, it now would be enough for them to ping in this community in a post to get it do show up here… so that might be something for them to think about.

I actually agree, I much prefer articles. However, I found this interesting since it looked at turbopack, parcel, rspack and others and talked about how it comes that the JavaScript ecosystem seems to start to use a lot of rust for their tooling. It was quite long though…

Because of ownership you’re forced into certain hierarchies, which make the code ugly and hard to read.

For non-gc languages you always have ownership, in most languages you just have to keep track of it manually. And whenever the rust compiler gives an error, you would most likely have had a future issue in another language. For gc languages, this may still exist if you share data between threads, causing possilbe race conditions and data corruption. So, the ownership/borrow model is just a formalization of implicit rules that exists in most languages.

I see where you come from. I first turned to Go, but at the end of the day it was a nice language but it didn’t tick my boxes. One of my main issues for backend servers, is for them to be robust. They should never fail in runtime. That means error handling is quite important, and as few runtime errors as possible. Go, fails this hard. The strictness of Rust, may be a pain while learning, and some syntax may be less than optimal, but the result will almost never fail in production. I have in fact never had a backend I wrote fail in production. The error handling also makes it easy to find any errors due to things out of my control. I switched a project from Java to Rust, and the log shrunk by a factor 10.

Note, I still use Go sometimes, but it is not my go to language. And on a second note, that you point to .unwrap() indicates that you never really used rust to write a backend, since use of .unwrap() will panik if you use that. You normally use .unwrap_or(…) or some other better construct. Also, complaining about unwrap() would indicate that you prefer a null pointer issue? Because, dropping null/nil is one of the great design choices, having null/nil is just a recepie for getting a runtime crash.

wouldn’t it be better to use #[cfg(target_os = "windows")] instead of checking an env variable?

Reference: https://doc.rust-lang.org/rust-by-example/attribute/cfg.html

So, I will finally be able to drop some deps and use the built-in chown. Nice!

Always happy to see more projects being open source.

Now, I don’t have any experience with Axum, but my experience is that the frameworks are quite similar, so much of the porting tend to be in parameters and types, authentication and session (of course, this may vary from project to project). So if you are familiar with Axum this might be a good way to start contributing to Kellnr. Well, I guess if you just want to learn Axum, it might also be a good way to start, it will just be a little slower… but I guess it is a good way to learn a new framework if you have the time to invest.

Great to see that this moves forward in a steady pace. And being able to compile Rust for Linux seems like a nice milestone, especially since many objections initially against rust in the kernel was about GCC support.

That depends on the job I want to do. But generally my selection is something like this.

  1. Is it a short simple script: Bash
  2. Longer script, then a more competent dynamic language like Perl/Python.
  3. Backend, a strong typed compiled language, with as few runtime errors as possible. If it depends on some particular API, the language with good enough bindings.

Preferred backend language, Rust, since that have the least runtime errors, thanks to its strong typing and the great error handling. But I also use Go if it have better libs for what I do, or Java for situations where that is more suitable.

That is all dependent on the program, but the simplest scenario is by an API with two requests at the same time. But it may also be like if you scan for new files, and use inotify, then you may also have a scanning loop as a fallback. Then the scan and inotify may trigger at almost the same time, so if that then results in a db create or insert you can get in to this problem. So, there are multiple ways to get in to trouble, and life always find new ways 😀

You are free to see this as an ad, but as Rust is targeting safety critical programming in general, I find it interesting to follow certification efforts like this to make rust available for really safety critical use cases. Now, the Ferrocene project is contributing back, but that fact or the license does not really affect the relevance for this community.

Well, of course you should stick to rustc if you don’t need the certification. I get the impression you mix up thing and the purpose of a certified compiler.

Ferrous Systems is working on certifying a specific version of rustc, and hence make it possible to use rust for projects where such certification is required. And certification is required for things like programming medical equipment. If you are hooked in to life support, it is good if the compiler did the thing it was supposed to do… a crash in such programs can be fatal in a very literal way.

Also, notice that they try to do this without forking and by contributing upstream.

As I still run in to glibc version issues a little now and then (admittedly not very often, thankss to containers), I hope to see rust getting rid of libc one day. But I don’t expect that in the near future, because as the author mentions, libc is very mature, so replacing it must be done with a lot of caution. But this really looks like a step in the right direction.

I think this is was a great read, since it shows a few important things

  • Coming to rust from C is not trivial, you are required to learn a few new concepts (or not really new, but implicit in most languages, formalized in rust).
  • When coming from C and you understand the basic concepts, it is easier to learn rust than from many other languages, since you understand what is going on under the hood. Dangling pointers, and use after free aso, are known concepts. C/C++ programmers don’t have to fear rust.
  • The rust book is a great source of information.

That will always be prune to race conditions, where you check if someting exists (then some other thread creates it) and then you try to create it. You should always try to create first, then if it fails due to it already existing, fetch it. That is a good general rule for anything from hashmaps to databases.

I have never used sea-orm, but I wonder if .on_conflict could be used to simplify the code above?

No ads disguised as search results. Actually, no ads at all. Great search results. Lenses.

Also, there is a solution for incognito mode. And ad supported, in practice means tracked by advertisers, and hence you are the product.

The reason might be, that you must think a bit different from C++ so it might be a little bit tricky to do the switch. Thouigh, if you know C++ the ownership and stuff should be a bit easier to understand since you probably can figure out what is going on. The reason I learned Rust in the first place was because I had to use C libraries, and I knew rust had good support for that. But, unfortunately I cannot assist you with alternatives to rust, since I stopped looking after I learned rust. 😄

This looks really interesting, and I love the easy to use docker images! So, now I guess I know what I will fiddle with this weekend…

And don’t get me wrong, I think Go is ok and I use it from time to time. When Go and Rust started to get traction, I actually laughed at Rust thinking it was a stupid language. Why would anyone use Rust when you had Go, it sounded so great with its go routines and all. I then started to use it, and it wasn’t bad, but it wasn’t something that got me all excited either. And it was the horrible error handling and all these simplifications that sacrifices correctness that made me feel it was only an ok language. It is the correctness of Rust and that you have to handle all errors aso, that makes it a bit annoying, but it is also these things that makes it great.

I think this old article exemplify the bad design of Go, and why I think Rust is very well designed.

TL;DR Go takes many shortcuts, in the name of simplicity, that ends up with pure lies. Like providing Unix like permissions for Windows and silently ignore it.


They don’t require CLA, since it’s MIT license. So what they showcase is the benefit of copyleft.