TWiR quote of the week

mattico 2017-09-11 16:05:44 UTC #443

When programmers are saying that there are a lot of bicycles in code that means that it contains reimplementations of freely available libraries instead of using them

Presumably the metric for this would be bicyclomatic complexity?

— tomwhoiscontrary

newpavlov 2017-09-11 16:08:07 UTC #444

I think it’s better to write it as “When [Russian] programmers…” for unfamiliar with the context.

dtolnay 2017-09-11 16:24:29 UTC #445

Rust did this correctly.

— /u/kpcyrd on being vulnerable to the exploit that affected Equifax

frankmcsherry 2017-09-12 10:38:14 UTC #446

I’d recommend against having the community try and look smug in the face of this.

pwrdwnsys 2017-09-12 12:45:38 UTC #447

I’d recommend against having the community try and look smug in the face of this.

Agreed. The whole “Rewrite it in Rust” meme already smacks of Martin Shkreli coveting a Wu Tang CD.

vitalyd 2017-09-12 12:52:15 UTC #448

This is also more of a Struts problem, although Java features (reflection and dynamic class loading specifically) enable this footgun. So it’s not Rust vs Java, if that was the implication. Rust doesn’t have dynamic class loading and reflection, but someone could build a serde serializable type to do custom remote command/process execution. It would be deliberate and not some oversight though, but still possible given enough will.

notriddle 2017-09-12 16:33:41 UTC #449

Doesn’t QtQuick allow dynamically instantiating any class with MOC bindings? And QtQuick is bound to Rust?

vitalyd 2017-09-12 17:30:45 UTC #450

Don’t know anything about QML really, so can’t comment . However, whatever it has will undoubtedly be some sort of dynamic loading that Qt invented, and is not C++/Rust specific. That’s different from Java where dynamic class loading and reflection come out of the box with the language.

josh 2017-09-12 21:14:30 UTC #451

The footgun reduction in these latest proposals is seriously impressive. Any more improvements and this won’t even feel like C anymore (in a good way!).

@Ixrec on RFC 2137 at https://github.com/rust-lang/rfcs/pull/2137#issuecomment-328956519

jdm 2017-09-13 20:15:28 UTC #452

<heycam> one of the best parts about stylo has been how much easier it has been to implement these style system optimizations that we need, because Rust
<heycam> can you imagine if we needed to implement this all in C++ in the timeframe we have
<bholley> heycam: yeah srsly
<bholley> heycam: it's so rare that we get fuzz bugs in rust code
<bholley> heycam: considering all the complex stuff we're doing
* heycam remembers getting a bunch of fuzzer bugs from all kinds of style system stuff in gecko
<bholley> heycam: think about how much time we could save if each one of those annoying compiler errors today was swapped for a fuzz bug tomorrow :-)
<njn> you guys sound like an ad for Rust

Conversation from #servo between some long-time Firefox developers.

QuietMisdreavus 2017-09-18 20:35:18 UTC #453

@Havvy in #rust-offtopic:

<Havvy> unsafe impl !Send for MyType // Don't thread on me