If you are running into broken GitHub integrations today, it's because GitHub issuecomment IDs have just passed the maximum value of i32.
For example
@rustlang
's rfcbot is currently out of commission with an i32 overflow.
The "Industry Coefficient" of some widely used Rust crates.
The coefficient is POSITIVE if a crate is disproportionately often downloaded on weekDAYS, and NEGATIVE if disproportionately often downloaded on weekENDS.
0 is the mean across all crates on crates-io.
Stack Overflow Developer Survey 2022
- 86.7% of those using Rust want to KEEP USING Rust (significantly higher than any other language)
- 17.6% of those NOT using Rust WANT to use it (higher than any other language)
- 9.3% of respondents use Rust (up from 7.0% last year)
New in 1.0.48 of the anyhow crate's `ensure!` macro: we now render a Debug representation of the lhs and rhs of comparison operators into the error message if both sides have a Debug impl.
🦀 just passed 50 billion crate downloads 🎉
thank you to everyone who contributed and to all of our sponsors!
and thank you also to the Rust Foundation for providing the team with a full-time employee now :)
#rustlang
#rust
I no longer remember how/why I started learning Rust, but I remember this early impression with crystal clarity:
"This language seems neat but it's too bad all the worthwhile libraries are already being built by somebody else"
—dtolnay, early 2016, aspiring library designer
This progression of floating point formatting performance is wild.
The Rust libraries here are mine but my only contribution is porting these algorithms to Rust from C.
dtoa/Grisu2 (2010) ⟶ Ryū (2018) ⟶ Dragonbox/Schubfach (2020)
It's because pointers these days are gigantic, and the vast majority of pre-release strings and build metadata on crates.io are 8 or fewer ASCII bytes.
That amount of text fits *into a pointer* without even any allocation for it to point to.
As one of the only people who has written a production-quality Rust parser singlehandedly, I used to think:
PARSER (code⟶AST): hard
PRINTER (AST⟶ugly code): easy
FORMATTER (ugly code⟶pretty): hard
Came to realize over the past year, for Rust, printer is the hardest of the 3.
@joshuayn514
@joseph_h_garvin
@pcwalton
Rust CVEs are filed on unsound library APIs like cpy, even absent any misuse. Whereas all memory-unsafe languages' CVEs are filed only on concrete occurrence of misuse, because literally everything is unsound; those langs do not have such thing as a sound API in the first place.
@UkonnRa
Serde's ratio of weekday downloads to weekend downloads is nearly the same as crates-io's overall ratio.
Prost has a bigger proportion of its downloads on weekdays and smaller on weekend, because ain't nobody does protobuf stuff for fun on a weekend.
Release notes for serde-yaml 0.9: <>
Fun fact: this crate was my first ever Rust code. I'm sure someone can dig up a link to the initial commit. The crate has been mostly unchanged and neglected for 6 years but this near-complete rewrite is quite good.
My analysis of the 2023 Stack Overflow survey data:
If everyone "does what they want" across all languages (all unhappy current users stop using it, all interested non-users adopt it) then Rust usage grows 2.3×, Python shrinks to 0.81×, C++ shrinks to 0.73× of this year's usage.
@andresmargalef
@mitsuhiko
Serde & serde_json & serde_derive all do not use `?` because it is too slow in both runtime and compile time. IIRC the factors are around same as what Armin found, 9–15%.
@m_ou_se
Subtle? I can do subtle.
Here is one that involves at least 3 rustfmt bugs. For bonus, you can format it A SECOND TIME and the code will change again.
https:/play.rust-lang.org/?gist=311cd549627d6826e674cc06165129f0
Curious why traffic to cxx.rs is dominated by India, while for serde.rs India is not even in top 5.
Google `cxx india` turns up mostly porn sites—is "cxx" a bastardization of "sex"/"xxx"? And "rupee" being abbreviated "Rs"—have I hijacked a subcontinent's naughty searches?
Anyone know what's been happening with package count on npm?
They have been averaging steady <1000/day for multiple years. But since last week it's been 80,000/day.
Is this the e-book spam I've heard about? Is it GPT-4 taking over the world?
My brother is thinking of a career change—If any of you would want to hire the less experienced version of me for cheap, please email him or DM me. Interested in advice or entry level roles in data analysis, insurance, banking, IT/tech support, or anything math/stats/modeling.
Today I think this is about as wrong today as it was in 2016. We don't have materially fewer blind spots today, due to the scope of what Rust is imminently applicable to being vastly bigger.
@andresmargalef
@mitsuhiko
One would hope rustc could just notice the orig and return error type are inferred to the same type, and produce exactly the same LLVM IR as the simpler macro does in that situation, instead of all the internal mechanics of `?`. Every result-heavy rust program gets 9% faster?
Serious proposal: if more than 30% of crates·io has a direct dependency on a person's crates, then all of that person's crates should get prioritized in the docs·rs build queue instead of waiting behind the cryptocurrency crates for hours/days.
@pcwalton
This program would have CVE:
fn main() {
let x = 9;
print!("{}", cpy(&x));
}
pub fn cpy(p: *const i32) -> i32 {
unsafe { *p }
}
despite not even UB. It is 100% guaranteed behavior, but "not correct Rust". Examples like this might help folks see the different standard.
Which of the following functions are legal to pass as argument to `dispatch`? (⬇️ 4 questions, there is at least 1 yes and 1 no)
fn dispatch<T>(f: impl Fn(&mut View<T>)) {}
struct View<'a, T: 'a> {
marker: PhantomData<&'a mut T>,
}
For the past month, I've been a bit more actively contributing to the
@rustlang
project, and it's been a wonderful experience. The reviewers are all so friendly and helpful. <3 Looking forward to keep doing this more. 😊
@ekuber
@timClicks
I opted out of this particular personality cult by putting 'Expert'. There are plenty of people with greater expertise than me in some areas of Rust, and the areas that I am best at are not always the most important.
@matthiasendler
I found the following aggregation informative. This graph is fraction of crates that used a previous-generation error library over time, vs current-gen library. Prev gen peaked at 9.5% while anyhow/thiserror are at 16% and climbing. So 2× crates benefit from error lib as used to.
[Cargo, JS]—day-zero new user experience: I typed some things in the console and it did what I meant
[Buck2, Rust]—wtf is a prelude? Why is String different from the type of a string literal? Why is that thing a macro?
Printer is in charge of parenthesis insertion so that e.g. `a*B` where B is `c+d` gets printed as `a*(c+d)`, not `a*c+d`.
Conventionally this is done using an integer precedence level. Add parens whenever precedence of the subexpression's expr kind is less than outer expression.
[Cargo, JS]—decent tool for many jobs. In the extreme, with sufficient effort you can build some deranged things that are way outside the scope of what it's appropriate for, and regret it
[Buck2, Rust]—scales to make the arbitrarily deranged thing sanely maintainable and fast
New details emerge on the India mystery. The search query is "सीएक्सएक्स" which Google Translate just translates to "cxx". Is that an accurate translation? What does this term refer to — does it have anything to do with C++?
Curious why traffic to cxx.rs is dominated by India, while for serde.rs India is not even in top 5.
Google `cxx india` turns up mostly porn sites—is "cxx" a bastardization of "sex"/"xxx"? And "rupee" being abbreviated "Rs"—have I hijacked a subcontinent's naughty searches?
@sgrif
@yoshuawuyts
@jntrnr
We'd like to have distribute proc macros as precompiled wasm binaries that are executed by a wasm runtime in the compiler. Then adding a dependency on a proc macro no longer adds anything to compile time.
The parser "just" needs to implement all the special cases and bespoke restrictions, which is straightforward.
The AST printer needs to backsolve the transitive consequences of all special cases stacked upon one another.
It matters that the printer always produce syntactically valid output code. Otherwise we couldn't pipe the output of `cargo expand` (macro expansion) to format with rustfmt.
In the formatter, precedence isn't as complex because the input code is already adequately parenthesized.
Writing an AST printer for Rust that consistently produces syntactically valid output code is fiendishly complicated. Precedence in Rust is an 8-dimensional vector space as a consequence of all kinds of early bailouts and lookaheads and special cases in the grammar.
@squirrellang
@erin_catto
(Serde author here.) "I'm surprised people are excited by Rust" is such a surprising takeaway. I vastly prefer what we have over runtime reflection, for the majority of the same use cases and many more.
Example: the closures/ranges grammar I tweeted about. There is no integer precedence level that captures the precedence relationships in this code.
Or: `break 1 + 'a: loop {}` is valid syntax but `break 'a: loop {} + 1` is not, `break 'b 'a: loop {}` is.
@sunshowers6
Did not get sick, have not heard of anyone getting sick.
But as someone who skipped all 10 talks and spent the day in the hallway track talking, it took a couple days for my voice to recover from speaking loudly enough to be clear through a mask.
@ManishEarth
If at any point in the future we add another, I 100% welcome scrutiny over whether it is CORRECT but I reject (and will ban) the inevitable crusaders coming in with "how dare you believe you can write correct unsafe code, only the standard library can write correct unsafe code".
[Cargo, JS]—who needs to think precisely about types or action inputs if it can just do what you "meant". Build_rs is Turing-complete so go wild
[Buck2, Rust]—solid academic foundation, static build graph info unlocks abilities as game-changing as typing does for static analysis
@ekuber
@theprincessxena
`<-` is not legal syntax for binop with negative rhs.
help: if you meant to write a comparison against a negative value, add a space in between `<` and `-`
|
2 | let x = 0< -1;
| ~~~
@ekuber
@timClicks
Perceiving expert knowledge as the dominant axis in our work does a poor job setting anybody else up for success. I know of plenty of serious Rust experts who have never gotten themselves anywhere.
@payforexposure
@pcwalton
Patrick's observation holds if you plug in Language X = C++. Language X is not memory safe.
As for me, not holding my breath for C++ to figure out how to be a better C++.
@Sunjay03
If the code and target are truly fixed, the correct way to reflect that is to compile the binary and then delete the source code. That avoids giving the false impression that you can rebuild it later and get the same asm out of the UB code.
If you do that, then sgtm.
"The U.S. Cybersecurity & Infrastructure Security Agency (CISA), National Security Agency (NSA), Federal Bureau of Investigation (FBI), and cybersecurity authorities of Australia, Canada, United Kingdom, and New Zealand jointly developed this guidance"
@nick_r_cameron
Cargo vendor for talking to crates.io and resolving a toml manifest. Buck for all builds. Buck invokes rustc.
Remote execution, distributed build caches, reproducible hermetic builds, C++/OCaml/Python depending on Rust libs, Rust depend on C++, good tooling to query build graph
@mgattozzi
XML is not a good fit for Serde and I have been rejecting feature requests that XML people want.
I propose that you should be looking for an XML library with a good XML-specific derive macro, not hacks on hacks on Serde's derives.
@ekuber
@timClicks
I would identify Niko's immense impact more with project management, imagination, negotiation, and trust than all-encompassing expert Rust knowledge.
I would identify my impact more with time investment, creativity, chaos tolerance, taste and privilege than expertise.
@josh_triplett
- Rustfmt is no good for generated code. I believe that I can do better.
- It takes longer than 450ms to compile.
- It doesn't build on a stable toolchain because it uses the compilers internal unstable syntax tree.
- It is not published to crates.io.
My previous ad hoc implementation could take 45 minutes for complex queries, using an algorithm that is effectively hopeless to parallelize short of reinventing a dataflow framework.
New implementation based on differential-dataflow computes the same in 16 seconds on 32 cores.
@benj_fry
@pcwalton
mem::forget (the function for leaking a value) used to be unsafe and documented as incorrect to call unless the value was already deallocated by some other mechanism, so using it for a leak would have been UB. It was quietly redefined to be safe later on.