Diseased Open Source Software Community - it's about ethics in Code of Conducts

[The Real Slim Shady]

There's a contest solely based around hiding vulnerabilities and other behaviour in plain sight, even with that context:

Since when IOCCC is about hiding vulnerabilities? It's a joke contest about abusing the language syntax.

Your obsession with Ada is interesting. I might give Ada a try but I fail to see any use for learning it aside from the fun of it.

The problem with Rust is it's forced-weird syntax which looks like a bastard of C++ and Java and the stupid bloated build system which hides almost everything. Then there is the community problem, first, its full of trannies and people who are best to be avoided at all cost, second, the "rewrite it in rust" mentality. I'm yet to see a project which uses Rust for a small, well defined part of it which actually gains from being written in Rust and not other language. Rust compiles to object code. What is the problem to link it with other existing C or C++ code? The mentality seems to be that its better to write everything in Rust even if it means making half assed ports of libraries or marking whole files with unsafe {} block which annuls the entire selling point of Rust. And the build system. In C++ you can choose what build system you want. Want a bloated Cmake? Go ahead. Want some fancy python framework? Go ahead. Want no build system? You can just phone it in and have a build.sh script which does "gcc *.cpp" with the proper library flags. In rust even the smallest program is built with the bloated and slow cargo which is stupid.

The comparison with Java of the previous decade is very on point. It was hyped, huge things were built in it, now its used for a niche where it can actually make things better and a few useful thing spun off from it. Maybe Rust needs another 10 years so the hype goes down, it becomes another boring language for old people and the hip kids go find something else to shill.

And just to add - you can write safe code in C99 if you are careful and put some work into understanding what the computer does on OS and hardware level. Rust hides of it and does not let you make small errors, it will just leave you with huge mistakes to make.

 

[Heliantheae]

Redditor is shocked that a code editor downloads binaries required to run LSP

Seems like a reasonable take, LSP support doesn't mean that the editor should automatically download arbitrary binaries without user consent. My neovim setup only retrieves the LSP stuff I've told it to get.

 

[UERISIMILITUDO]

Since when IOCCC is about hiding vulnerabilities? It's a joke contest about abusing the language syntax.

Oh, my mistake, I was thinking about the other C language programming contest showing how inscrutable the language is:

http://www.underhanded-c.org

Your obsession with Ada is interesting. I might give Ada a try but I fail to see any use for learning it aside from the fun of it.

Cool, but I wouldn't describe my fascination with the language as an obsession any more than I would describe a chef's focus on cleanliness when preparing food as an obsession.

The problem with Rust is it's forced-weird syntax which looks like a bastard of C++ and Java and the stupid bloated build system which hides almost everything

I agree. It's symbol vomit, and not even the good kind like APL.

or marking whole files with unsafe {} block which annuls the entire selling point of Rust

Yes. I want to point out that Ada doesn't have this problem. Its mechanisms are more explicitly disabled, and with more effort needed. As an example, the generic function Unchecked_Conversion subverts the very strong type system by allowing the bit pattern of one value to be treated as that of another type, but there are restrictions, it must be instantiated to use, and it can even be disabled rather trivially. I'm not certain if Rust makes it so easy to dull its sharp edges.

And just to add - you can write safe code in C99 if you are careful and put some work into understanding what the computer does on OS and hardware level.

Sure, it's possible, but I liken it to telling a doctor he shouldn't wear a facemask during surgery, instead he just shouldn't sneeze. The facemask is obvious in this example, and not wearing one would be negligent. Programming is still in the state at which people shit where they eat. It wasn't like this in the 50s and 60s, but the C language really did fuck up a lot of things.

 

[skunt]

i don't mind rust. troon language or not, it's performant. government agencies (etc) are probably pushing it because they want to hire more people who can write in it and/or they don't like their current candidates - can't blame them on the latter.
it is really annoying that compiling takes forever though, even on beefier machines.

more people should use HARE

 

[Kola]

Not to interrupt this conversation, but I've been really questioning this lately. Why is everyone pushing Rust lately? The White House. The NSA. The DoD. Every fucking major backer really, really, really wants everyone to switch from C/C++ to Rust.

Even the farms, too! https://github.com/jaw-sh/ruforo

Is it possible that it's a nice language with useful features that addresses many common problems with other low level languages?

 

[Coolio55]

@UERISIMILITUDO
Where's the self-hosted ADA compiler? Isn't it written in C++?
UH OH! BOTNET ALERT!

W-Wait... Doesn't ADA compile to x86 assembly instead of some s-expression whatever?!
UNSAFE! UNSAFE!

 

[Kendall Motor Oil]

Why is everyone pushing Rust lately? The White House. The NSA. The DoD.

It's designed around being memory safe from the ground up which closes a stability and vulnerability issue that has plagued low level code. The government wants that for those reasons.

 

[Kapros]

It's designed around being memory safe from the ground up which closes a stability and vulnerability issue that has plagued low level code. The government wants that for those reasons.

I guess I can see why the government would want it to be used in its own systems. One would think, though, they wouldn't be pushing for widespread adoption just because of that. It doesn't seem like it would harm the average consumer-level user, so I'm just not seeing how this is against the public interest?

 

[CrunkLord420]

Trannies from the Mastodon/Akkoma/Sharkey clique on the fediverse suddenly necro'd the old SerenityOS drama where Andreas Kling, its developer at the time, rejected the documentation PR changing a single instance of "he" to "they".
View attachment 6147363View attachment 6147366
https://eepy.moe/notes/9v8333uf6acv00d6 / https://archive.fo/wbPfB
View attachment 6147371View attachment 6147372
https://github.com/SerenityOS/serenity/pull/6814 / https://archive.fo/MsX1O
TheEvilSkeleton, known for his previous banger "code quality should be the least of your concerns in your FOSS project", chimes in as well.
View attachment 6147374
I'm sure people here have plenty to say about xir's "software used by millions of users".

I would've ended up with a conclusion, but someone on the repo said what I wanted to already.
View attachment 6147377

I have a really soft spot for Andreas. He's genuinely a super nice guy. The story of SerenityOS being a byproduct of his addiction recovery is truly inspirational. Hopefully this drama doesn't get swept under the rug. I hope people look at this baseless attack with disgust. Too bad everyone is too much of a pathetic coward to say anything. There really hasn't been as perfect of a victim since Tim Soret.

His video discussing Terry is one of my favorites, and the music video he created using SerenityOS to commemorate Terry was also touching.

 

[Kola]

I guess I can see why the government would want it to be used in its own systems. One would think, though, they wouldn't be pushing for widespread adoption just because of that. It doesn't seem like it would harm the average consumer-level user, so I'm just not seeing how this is against the public interest?

Use after free and similar C-style faults cause millions of dollars of damage. They're "pushing" it for the same reason they're pushing civil engineering safety standards.

 

[Old English Roast Beef]

I guess I can see why the government would want it to be used in its own systems. One would think, though, they wouldn't be pushing for widespread adoption just because of that. It doesn't seem like it would harm the average consumer-level user, so I'm just not seeing how this is against the public interest?

The big fear is the Russkies and Red China exploiting vulnerabilities in the private sector (which the public sector is dependent upon). There's no hard boundary between the average consumer-level user and critical systems. It has peacetime economic effects too, like think of ransomware.

 

[botrix_fan]

Even the farms, too! https://github.com/jaw-sh/ruforo

Sneedchat was hacked by a Turkish script kiddie a while back and it's written in Rust.

 

[Vecr]

Sneedchat was hacked by a Turkish script kiddie a while back and it's written in Rust.

Really, a web browser spec "bug" though, browsers are so complex that you can't really tell what's going on. If you dialed in to the farms this never would have happened.

 

[Flaming Dumpster]

Sneedchat was hacked by a Turkish script kiddie a while back and it's written in Rust.

Rust isn't going to save you from the combination of Xenforo fuckery, JavaScript bullshit and not good enough CSPs that caused the XSS issues. That would happen even if Sneedchat was instead running Python and the Twisted library or one of the 100 other similar libraries for other languages.

Sneedchat has its issues but there's no reason you couldn't write a very stable and secure chat server in Rust, it's just that you'll be on your own in this endeavor as Rust is incomprehensible gibberish to those lacking stink ditches. Personally I still think IRC would've been better, especially as IRC over WebSocket is a thing these days.

 

[Kiwi & Cow]

Even the farms, too! https://github.com/jaw-sh/ruforo

Is it possible that it's a nice language with useful features that addresses many common problems with other low level languages?

It's literally Null's troll OP to get the trannies to seethe. He even called it a shit language once because it has limitations that aren't there in other languages.

 

[Kola]

It's literally Null's troll OP to get the trannies to seethe. He even called it a shit language once because it has limitations that aren't there in other languages.

Like what?

 

[Kiwi & Cow]

Like what?

From Null:

It is, which is why picking Rust will objectively cause the most anal pain and hilarity.

Rust does not compile unless the code will work. There is almost no margin of error. It is very soothing to autistics. There is effectively only one right way to write code in Rust.

The old system was a super hacksneyed Rust-to-Lua module for haproxy. It started falling apart under very heavy loads, haproxy itself seems to have trouble keeping up with certain kinds of DDoS attacks.

The new check is half C and half Rust. There is an nginx module written in C (with big thanks to two veteran C engineers who contributed free work). The Rust module I wrote and that is the actual check page. The check is also JavaScript I wrote. The implementation is borrowed from the proof-of-concept from Thomas Lynch who wrote the haproxy-protection Tor still uses.

Literally relying on C and Lua.
Can't find the post again, but apparently making a chatroom in Rust is anal cancer because it can't easily update a chain of text or array or some shit like that. It's possible, but you have to use a workaround to get it to work right.

 

[Kola]

That sounds more like praise than a complaint.

 

[The Mass Shooter Ron Soye]

libavif 1.1 Released For Improving AVIF Image Encoding (archive)

GNOME Foundation Executive Director Departing After Less Than One Year (archive)

Holly Million, Professional Shaman, Former GNOME Foundation Executive Director.

They finally realized when she said she was experienced with Gnome, she didn't meant the software.

So she just up and quits to become a shrink... Wow...

That says something; she finally figured out how to make money from Gnome users!

 

[RGBCube]

From Null:



Literally relying on C and Lua.
Can't find the post again, but apparently making a chatroom in Rust is anal cancer because it can't easily update a chain of text or array or some shit like that. It's possible, but you have to use a workaround to get it to work right.

That sounds more like a praise than an insult.

Also "you can't update an array", you can, it has to be mutable, however. Which is a good thing, as it avoids undefined behavior and works all of the time. Go try modifying a global const array in C and try it on all platforms, it won't work.

Good C code is equivalent to normal Rust code, since both avoid UB and data races. The actual feature of Rust is that it prevents you from writing racy or undefined behavioral programs.

Don't talk about programming languages you haven't written a single line of code in. Rust is a great solution for systems programming.