view the rest of the comments
Firefox
The latest news and developments on Firefox and Mozilla, a global non-profit that strives to promote openness, innovation and opportunity on the web.
You can subscribe to this community from any Kbin or Lemmy instance:
Related
- Firefox Customs: !FirefoxCSS@fedia.io
- Thunderbird: !Thunderbird@fedia.io
Rules
While we are not an official Mozilla community, we have adopted the Mozilla Community Participation Guidelines as far as it can be applied to a bin.
Rules
-
Always be civil and respectful
Don't be toxic, hostile, or a troll, especially towards Mozilla employees. This includes gratuitous use of profanity. -
Don't be a bigot
No form of bigotry will be tolerated. -
Don't post security compromising suggestions
If you do, include an obvious and clear warning. -
Don't post conspiracy theories
Especially ones about nefarious intentions or funding. If you're concerned: Ask. Please don’t fuel conspiracy thinking here. Don’t try to spread FUD, especially against reliable privacy-enhancing software. Extraordinary claims require extraordinary evidence. Show credible sources. -
Don't accuse others of shilling
Send honest concerns to the moderators and/or admins, and we will investigate. -
Do not remove your help posts after they receive replies
Half the point of asking questions in a public sub is so that everyone can benefit from the answers—which is impossible if you go deleting everything behind yourself once you've gotten yours.
@bagder (i will keep banging the drums that most of the FOSS "supply chain" fear could be handled by investing more in programming language tooling, as Rust demonstrate, and that it would be a small overall cost for massive pay off...)
@Di4na possibly: I believe Rust is generally a good thing for most things, but I believe the Rust ecosystem with cargo and bazillions of always-updatiing tiny dependencies risk adding friction and at least complicates the equation quite a lot
@bagder@mastodon.social This is my biggest worry too: they essentially copied the NPM package management model and practices. Good for short term productivity, but I worry that it causes significant long-term maintainability problems.
And everything is version 0.x, in part due to technical limitations of Cargo: moving out of 0.x is a breaking change, so if you have users on 0.x (which Cargo encourages by treating 0.x specially) moving out of 0.x breaks them.
@bagder@mastodon.social @Di4na@hachyderm.io
I'm not sure it is a tooling issue. I find cargo to be a great tool, and it have a lock file to let you update deps in a controlled fashion.
I think this comes down to a cultural issue, where the rust community, much like the JS community, put every little utility function in it's own library. Hence, you tend to get a gazillion small dependencies that is hard to keep track of.
@bagder@mastodon.social i mean yes, but at least the compiler is a tool.
While C and others are uh. Well some are finally realising they have users