💾 Archived View for aelspire.info › posts › 2023-09-07-disillusioned-about-rust › post.gmi captured on 2024-07-08 at 23:42:07. Gemini links have been rewritten to link to archived content
⬅️ Previous capture (2024-02-05)
-=-=-=-=-=-=-
The final straw that broke the camel’s back was the binary blob in serde_derive procedural macro crate. But this fact alone would not suffice for me to change my opinion. But nonetheless my love for rust died by thousand paper cuts.
So after spending some time on learning the Rust programming language I’ve some complains about it.
I don’t like the over-reliance on GitHub: the whole toolchain with RFCs are hosted there and a GitHub account is required to publish on crates.io. But Ok, they don’t have time for self hosting and GitHub is still the most popular software forge and maybe they want to be more visible. So I can understand this decision.
I’m not sure if I’m a fan of the whole language complexity. I highly value simplicity. But I’ve read some standard library code and I was able to understand how one randomly chosen non-trivial function works, so its not so bad.
I’m very sceptical about the cargo and crates.io design. In my opinion cargo-crev and cargo-audit crates are workarounds for poor design. The whole idea of a central repository, allowing everybody to publish anything with minimal moderation and with lack of proper namespacing, makes the whole crates ecosystem a big glaring security hole. Did I mention that building a package runs build.rs “script” automatically? But I wrote some script that wrapped cargo and bubblewrap¹ for sandboxed builds, sacrificing some convenience in return. And so, next paper cut left bad taste. But again I can understand this idea, they want to have minimal standard library so for convenience reasons missing bits must be easily available.
In meantime I’ve noticed that tuples are still WIP so using them requires some macro hacks. But it works and they are working on it. I’m not sure if language with such workarounds should be considered post-1.0.0 version, but if they will not break existing code, I can overlook this little flaw.
But then the whole serde mess dropped. Maybe I’m paranoid but using binary blob only on one specific OS and only for one CPU architecture (Linux x86_64) seems like preparation for swapping this binary blob with malicious one in future. I wasn’t the fan of the crates.io and cargo design before but now I’m vehemently against it. Reverting this decision didn’t help at all. I just cannot like this language anymore.
I’ve became disillusioned about the Rust programming language and cannot find joy in writing my hobby-projects in it anymore.
So, I’ve switched to Hare as my default language for hobby projects, because currently it looks the best in my eyes. It is rather early WIP but the whole language seems very promising in my eyes and I’m extremely excited to see how it will evolve.