What I always hated about defer is that you can simply forget or place it in the wrong position. Destructors or linear types (must-use-once types) are a much better solution.

> A repeat of the xz-utils fiasco

Wasn't that a suspected state actor? Against that threat model your best course of action is a prayer and some incense.

Notably, xz utils didn't use any package manager ala NPM and it relied on package management by hand.

> because the downstream Debian folks

Not sure what you mean by this, but this was discovered by a Postgres dev running bleeding edge Debian. No Debian package maintainer noticed this.

> There's no Debian equivalent

How would Debian approach help? Not even their maintainers could sniff this one.

There exists a sort of extended std library of Rust dep. But no one is using it.

> Wasn't that a suspected state actor? Against that threat model your best course of action is a prayer and some incense.

No? They caught it! But they did so because the software had extensive downstream (!) integration and validation sitting between the users and authors. xz-utils pushed backdoored software, but Fedora and Debian picked it up only in rawhide/testing and found the issue.

> Notably, xz utils didn't use any package manager ala NPM and it relied on package management by hand.

With all respect, this is an awfully obtuse take. The problem isn't the "package manager", it's (and I was explicit about this) it's the lack of curation.

It's true that xz-utils didn't use NPM. The point is that NPM's lack of curation is, from a security standpoint, isomorphic to not having any packaging regime at all, and equally dangerous.

> a Postgres dev running bleeding edge Debian

Exactly. Not sure how you think this makes the point different. Everything in Debian is volunteer, the fact that people do other stuff is a bonus. Point is the debian community is immunized against malicious software because everyone is working on validation downstream of the authors.

No one does that for NPM. There is no Cargo Rawhide or NPM Testing operated by attested organizations where new software gets quarantined and validated. If the malicious authors of your upstream dependencies want you to run backdoored software, then that's what you're going to run.

> No? They caught it!

No? Who else has 2-3 years worth of time to become a contributior and maintainer for obscure OSS utils?

Plus made sockpuppets to put pressure on OG maintainer to give Jia Tan maintainer privilege.

> Exactly. Not sure how you think this makes the point different. Everything in Debian is volunteer, the fact that people do other stuff is a bonus.

What you mean exactly? This isn't curation working as intended. This is some random dev discovering it by chance. While it snuck past maintainers and curator of both Debian and Red Hat.

> Everything in Debian is volunteer, the fact that people do other stuff is a bonus. Point is the debian community is immunized against malicious software because everyone is working on validation downstream of the authors.

You can do same in NPM and Cargo. Release a v1.x.y-rc0, give everyone a trial run, see if anyone complains. If they do, it's downstream validation working as intended.

Then yank RC version and publish a non-RC version. No one is preventing anyone from making their release candidate version.

> No one does that for NPM. There is no Cargo Rawhide or NPM Testing

Because, it makes no more sense to have Cargo Rawhide than to have XZ utils SID.

Cargo isn't an integration point, it's infra.

Bevy, which integrates many different libs, has a Release Candidate. But a TOML/XYZ library it uses doesn't.

Good luck, if little copying is ICU based localization.

The whole point of "a little copying" is when there's self-contained code that can be copypasta'd -- for situations that are appropriate.

Great.

Give money to maintainers? No.

Give money to bury maintainers in AI Slop? Yes.

So, back to Prolog? :)

Yeah but ABI stability isn't really just magic dust you sprinkle in you language/compiler and make it more stable

It's a straightjacket that has application in few select cases.

Things ABI prevents in C++:

- better shared_ptr

- adding UTF8 to regex

- int128_t standardisation

- make most of <cstring> constexpr

And so on: https://cor3ntin.github.io/posts/abi/

I get you might have particular criteria on this. But it's a feature that comes with huge, massive downsides.

Tying yourself in a knot around ABI usually isn't worth it. You pick up to two: performance, ABI stability or adaptability.

And you can still internaly have it, if your deps have sources, or compile artifacts for only allow single Rust version (additional rules may apply).

There is work on Rust ABI (crabi), but there isn't a huge push for it.

> Instead of debating for years (like other languages), zig just tries things out.

So did Rust pre-1.0

Stability guarantees are a pain in the neck. You can't just break other people's code willy nilly.

> This makes zig unique. It's fun to use and it stays fresh.

You mean like how Rust tried green threads pre-1.0? Rust gave up this one up because it made runtime too unwieldy for embedded devices.

Just on this point:

> You mean like how Rust tried green threads pre-1.0? Rust gave up this one up because it made runtime too unwieldy for embedded devices.

The idea with making std.Io an interface is that we're not forcing you into using green threads - or OS threads for that matter. You can (and should) bring your own std.Io implementation for embedded targets if you need standard I/O.

Ok. But if your program assumes green threads and spawn like two million of them on target that doesn't support them, then what?

The nice thing about async is that it tells you threads are cheap to spawn. By making everything colourless you implicitly assume everything is green thread.