I'm going to be honest, I feel this would make things worse. It comes across as turning soundness into a religion. Why would I ever specifically mention soundness bugs, compared to any other type of bug? Elevating soundness bugs above others is what caused this problem (I think)
-
-
- 5 more replies
New conversation -
-
-
I don't get this drama thing. If you don't like how the project is run, fork it and run it the way you want.
-
People get used to the fact that best results are usually achieved by the collaboration, not by separation.
End of conversation
New conversation -
-
-
There are some costs at work here besides runtime performance and those costs were not addressed by most commenters. I'm dubious such a pledge (or non-pledge) would have helped here.
Thanks. Twitter will use this to make your timeline better. UndoUndo
-
-
-
It seems odd to me that a library author wouldn’t align with the primary goals of Rust. If you want to write unsafe code there’s a million other languages for that.
Thanks. Twitter will use this to make your timeline better. UndoUndo
-
-
-
A soundness pledge could be a bool on the crate metadata to opt into trying to be as secure as possible. I.e. crates would then be opting in to the rust safety dance.
-
I’d like to see more cross-implementation testing of projects (by providing drivers that all implemented a common trait). We should industrialise efforts like https://medium.com/@shnatsel/smoke-testing-rust-http-clients-b8f2ee5db4e6 … - together we are stronger.
- 1 more reply
New conversation -
-
-
you are missing the main reason of this drama: negative reaction (with some nasty, rude comments) was caused not by the fact of using "unsafe", but by the rejection (with kind of rude reasoning) of patches, where unsafe code was replaced by safe, without performance costs.
-
I agree that unsafe code is unavoidable sometimes, but we clearly have an opportunity to replace unsafe code with safe, we should have REALLY good reasons for not using safe code - big performance cost and 0 chance of vulnerabilities.
- 12 more replies
New conversation -
Loading seems to be taking a while.
Twitter may be over capacity or experiencing a momentary hiccup. Try again or visit Twitter Status for more information.