Originally posted by darkonix
View Post
Announcement
Collapse
No announcement yet.
Rustls Can Now Work With Nginx Via New OpenSSL Compatibility Layer
Collapse
X
-
Originally posted by Daktyl198 View PostI would agree with you, except that most developers (not saying the rustls guys) just auto-update their dependencies via bots. The bot creates a PR that runs through checks to make sure nothing breaks, and if all tests pass the bot either pushes the commit, or a dev will come in and push it without ever looking at the changes made to the dependency. In a perfect world, everything you say makes sense. In the real world, people are lazy and dumb. That includes developers.
Originally posted by Daktyl198 View PostAlso, you keep bringing it around to dependencies I agree with. Yes, I agree that the Rustls guys shouldn't implement their own RNG, nor their own memory buffer wipeout. Those are not <100 LoC and have hidden complexities. The issue I take is with dependencies trees that eventually go down to "isOdd" 3-line pieces of code that are basically boilerplate and have 0 complexity. People just want to "save lines of code" and avoid doing it themselves.
It should also be kept in mind that Rust is a little bit like Python, but for the opposite reasons. Python famously wants you to use 3rd party packages because "the standard library is where packages go to die". In Rust, the standard library has such extremely high standards and barriers to entry that many things that other languages include out of the box (random number generators, advanced IO operations, specialised data structures etc.) are not part of it. In fact, a good chunk of crates.io is to Rust what Boost is to C++: an unofficially official extension that everyone knows and uses and some of which gets merged in bit by bit. I'm thinking of things like itertools, anyerror, clap, serde, log etc.
- Likes 3
Comment
Comment