TWiR quote of the week

One of my favourites:

We're here to learn, and we will do so relentlessly.
—Jon Gjengset, Decrusting the axum crate

I must personally extend my condolences to those who forgot they chose in the past to annoy their future self.

@workingjubilee on the GitHub actions/runner-images hold-back of 1.90.

For me personally, the best thing about becoming successful at anything is you gain the ability to lift others up.

– Nell Shamrell-Harrington at RustConf (youtube link)

Pointers are quite hard.

– Tim McNamara

And, as the name implies, pointy.

– Andre 'llogiq' Bogus on LinkedIn

There used to be recurring questions about mod vs use in the user forum, until I've added a note to the error message [...] and I think it largely solved the problem

• Kornel on IRLO Curly brace support for mod - #51 by kornel - Rust Internals

what do you mean by "this is no longer a known issue" ?

– matthiaskgr on rust-zulip

Petition to add an unwise keyword in Rust

– James Logan on hachyderm.io

I have however developed the standard Rust enthusiast panick attack at the first SIGSEGV, so I don't want that to happen. :laughing:

@vigna at Should/can one trust invariants in serialized data? - #23 by vigna

If someone opens a PR introducing C++ to your Rust project, that code is free as in "use after"

Predrag Gruevski on Mastodon

Making your unsafe very tiny is sort of like putting caution markings on the lethally strong robot arm with no proximity sensors, rather than on the door into the protective cage.

– Stephan Sokolow on lobste.rs

We adopted Rust for its security and are seeing a 1000x reduction in memory safety vulnerability density compared to Android’s C and C++ code. But the biggest surprise was Rust's impact on software delivery. With Rust changes having a 4x lower rollback rate and spending 25% less time in code review, the safer path is now also the faster one.

— Google, in "move fast and fix things"

Oh, wow, the "reserve panics if the new capacity overflows usize" claim dates back to when the type was still called uint

– hanna-kruppe

I think the unsafe block is more like the safety cage, with the unsafe keyword being the caution marker at the entrance.

Making your unsafe very tiny is like minimizing the size of the safety cage to only encompass the area that the the lethally strong robot arm can reach.

Except that where you place the boundaries of an unsafe block only has meaning to humans, so long as they're large enough to encompass the actual unsafe operations.

The lethally strong robot arm's reach may potentially extend very far outside the unsafe block because public/private access modifiers only affect things outside the containing mod, so anything inside the mod has the power to break invariants the unsafe code may depend on.

Also: a program written in Rust had a bug, and while it caused downtime, there was no security issue and nobody's data was compromised .

Josh on reddit about cloudflare unwrap

@scottmcm in Re-opening deprecating Option::unwrap and Result::unwrap - #88 by scottmcm - language design - Rust Internals

Then hope you have a @matthiaskrgr to fuzz things and find out if there's some edge case that was missed and file bugs about it

@Ddystopia in the same thread as above.

[...] just returning an error is not error handling, it is just user space unwinding.

"it’s much better to make lock automatically panic than to make panics silently unlock." -- In defense of lock poisoning in Rust · sunshowers

Or deadlock, which is also popular!