I think people lost sight of the forest for the trees when it comes to Actix.
What should have been done before the controversy came to a head is to fork the codebase to actix-web-safe or actix-web-lts. Whether or not it’s theoretically necessary, people’s time is finite and the original development strategy was working for getting top performance out of it, even over far more established frameworks. That’s what attracted so much attention to it.
I’m not sure if that’s a viable strategy anymore, but that’s how I can see people having their cake and eating it too.
Someone may have a good argument against this, but I’d expect Rust with some unsafe blocks here and there is still better than an entire codebase of unsafe C. Even if there is a safe way to remove the unsafe blocks in Rust, and the unsafe way was what you had time for.
Perhaps the question that should be asked for this project in particular is why there seems to be a zero-sum game between performance and safety. Are unsafe solutions more discoverable, or are safe solutions vastly more difficult, or is there some theoretically counterintuitive performance cost in this practical (well as practical as benchmarks get) situation? Those aren’t literal questions, just prompts for additional study...