overview for BB

The security situation with the Arch Linux AUR got a lot worse in c/linux@programming.dev

[–] BB_C@programming.dev 1 points 1 day ago

still weaker than Debian

There is a lot of myths that surround what distros actually do, can do, and have the resources to do. We had this discussion in one of the two threads I linked.

The security situation with the Arch Linux AUR got a lot worse in c/linux@programming.dev

[–] BB_C@programming.dev 3 points 2 days ago* (last edited 1 day ago) (3 children)

That's a failed analogy. The AUR is an end-user build-script repo, not a source/binary/source+binary repo for both devs and sometimes users.

If you e.g. install a CLI tool via cargo, there is at least an implicit tree of trust, with each dependant in a dependency tree doing at least some minimal vetting of dependencies. And the source is all there anyway (barring exceptions like build.rs pulling code, or the indirection of proc macros).

The same applies to npm and pypi, although there is no distinction between "code" and "binary", given the scripting nature of the languages. But some pypi packages do actually distribute binaries (e.g. C/C++ compiled libraries). Don't know about npm.

But, if I'm not mistaken, the py/js tooling wasn't always there for stuff like full pinning of dep versions like cargo, and that's a very important technical detail.

With the AUR, there is no trust tree. And often no fixed code (or binaries) to look at (e.g. *-git packages). So the feasibility of doing any sort of global in-tree checking/vetting is not there. On the other hand, source repos are responsible for removing, or at least flagging, malware or otherwise harmful packages once that becomes known.

Incidentally, I commented on both AUR security and cargo trust here and here. So, I will stop blabbing.

A modernized, complete, self-contained TeX/LaTeX engine, powered by XeTeX and TeXLive. in c/opensource@programming.dev

[–] BB_C@programming.dev 1 points 2 days ago

If it's Tex, it's not modern.
It's like:
"We have Swiss cheese with no holes."
Swiss cheese, or no holes? Pick one!

Is Rust supposed to be that hard? in c/programming@programming.dev

[–] BB_C@programming.dev 6 points 5 days ago (1 children)

Another hit-and-run Rust thread!

I advise against any more activity here, until, or rather, unless OP appears again.

18KB file listing tool in no_std Rust and libc in c/rust@programming.dev

[–] BB_C@programming.dev 4 points 6 days ago (1 children)

    "-C", "link-arg=-lstdc++",
    "-C", "link-arg=-lsupc++",
    "-C", "link-arg=-lgcc_s"

Now, that's just funny. But hey, you're using -Os to keep that binary size low 😇

And what's with the global allocator being initialized in a module? (didn't/don't know if that even works)

If you want to do things really minimally, check out the rustix crate which wraps syscalls directly.

Otherwise, and if loading huge shared libraries is fine, then you might as well not go nostd at all, since you can just pass -C prefer-dynamic for that elusive magically-small std-using binary 🙄

burntsushi (author of ripgrep among others) was diagnosed with encephalitis in c/rust@programming.dev

[–] BB_C@programming.dev 17 points 1 week ago* (last edited 1 week ago)

Get well brother.

As a son of a specialist physician, I know full well how hard it can be to connect the dots between random symptoms and a problem that's actually in the brain. It's not rare for such confirmed diagnoses to become case presentations (which is how I know 😉).

VSCode-style TUI written in Rust in c/rust@programming.dev

[–] BB_C@programming.dev 6 points 2 weeks ago* (last edited 2 weeks ago) (1 children)

creen TUI workloads (vt100 0.16 leaks tens of GB under multi-hour claude-style streams; this does not).

Interesting stress test you got there.

wild v0.9 released (wild is a super-fast linker with the end goal of supporting incremental linking) in c/programming@programming.dev

[–] BB_C@programming.dev 1 points 3 weeks ago

It's on the title, you don't even need to read the excerpt👆.

But more seriously, the excerpt is from the release/tag notes, but what's quoted above is from the README.

wild v0.9 released (wild is a super-fast linker with the end goal of supporting incremental linking) in c/programming@programming.dev

[–] BB_C@programming.dev 0 points 3 weeks ago

While eventually implementing incremental linking was the inspiration, as already pointed out. It's actually already faster than mold (see benchmarks).

26

wild v0.9 released (wild is a super-fast linker with the end goal of supporting incremental linking) (github.com)

submitted 3 weeks ago by BB_C@programming.dev to c/programming@programming.dev

7 comments fedilink

A lot of work in this release was related to porting to other platforms. We did a large number of refactorings to put ELF-specific behaviour behind traits. We've also started work on porting to Mach-O and WebAssembly. These aren't yet ready for use, but if you'd like to help out with porting, get in touch.

Wild now supports the linker plugin API that was originally part of the Gold linker, but which is also supported by GNU ld and Mold. This lets us do linker-plugin LTO (link time optimisation). There are still a few known issues, but it's already working on a good range of programs. Pure Rust projects generally don't use linker plugins, since Rust can do LTO within the compiler, so this is mostly helpful for C, C++ or mixed language projects. Note that when using a linker plugin, link times will be very slow.

Lots more linker-script features were implemented during this release.

[...]

1

Slint 1.16 Released (GUI toolkit) (slint.dev)

submitted 2 months ago by BB_C@programming.dev to c/rust@programming.dev

0 comments fedilink

rustc_codegen_gcc: Progress Report #37 in c/rust@programming.dev

[–] BB_C@programming.dev 1 points 9 months ago

Thank you for the update.

rustc_codegen_gcc: Progress Report #37 in c/rust@programming.dev

[–] BB_C@programming.dev 2 points 9 months ago (2 children)

Thank you (+ contributors) for doing this work and keeping us posted.

Last time I took a look, I think LTO was broken. Is that still the case?

Heapless (data structures for embedded) v0.9.1 has been released! in c/rust@programming.dev

[–] BB_C@programming.dev 3 points 9 months ago (3 children)

I always felt "for embedded" was always selling this crate short, or rather pushing potential users away who aren't aware some data structures here are useful in non-embedded scenarios.

I for example use the admittedly simple Deque (with its is_full()) method in one of my projects for pushing/popping tasks to/from a fixed-size thread queue, which one could argue is a very unembedded-like use-case 😉.

16

koto v0.16.0 released (koto is a scripting programming language) (github.com)

submitted 10 months ago* (last edited 10 months ago) by BB_C@programming.dev to c/programming@programming.dev

4 comments fedilink

28

When I found out even Rust needed the clib, it was like seeing an iron-clad fortress only to look closer and see it was being held up by sticks, ducktape, and prayers. (github.com)

submitted 1 year ago by BB_C@programming.dev to c/programmingcirclejerk@programming.dev

7 comments fedilink

Every programming problem I have, when I track it down to it's source, seems to originate with C/C++. It wasn't till a few years ago that I realized how seriously everything I do somehow, some way, has C/C++ as a foundation. Basically every zero-day exploit in my cyber security class is because of something stupid in C/C++. And it goes well beyond security, the more I dive into C++ the more terrible stuff I find. When I found out even Rust needed the clib, it was like seeing an iron-clad fortress only to look closer and see it was being held up by sticks, ducktape, and prayers.

34

[OC] Rust tops a diverse list of implementation languages in projects getting NLnet grants, Python 2nd, C is alive, and C++ is half dead! (programming.dev)

submitted 1 year ago* (last edited 1 year ago) by BB_C@programming.dev to c/programming@programming.dev

0 comments fedilink

https://nlnet.nl/news/2025/20250321-call-announcement-core.html

Notes

Projects meaningfully sharing two programming languages get 0.5 a point each, even if the split is not exactly half-half.
Two projects are listed under "Multi/Misc/Other" which is opinionated, and some may disagree with.
Three points (5 projects) are assigned to "Unaccounted/Not Available". Two of the projects have no code at all (related to the grant, or otherwise). One project with no published code is (charitably) listed under "Python", however, since the author mentions Python+QT as the choice for implementation.

1.5 (3 projects) C++

https://github.com/IObundle/iob-versat
(software part = 0.5, hardware is Verilog)
https://github.com/overte-org/overte
(0.5 C++, 0.5 JS)
https://kde.org/plasma-desktop
(grant is about mobile power management improvements, no idea about the code, but KDE/Plasma is C++, so charitable 0.5 for C++, 0.5 unaccounted)

1 Clojure

https://github.com/NyanCAD/Mosaic

1 Assembly

https://lib25519.cr.yp.to/
(grant covers NEON vector implementation)

1 Haskell

https://github.com/ghc-proposals/ghc-proposals

1 Julia

https://github.com/PeaceFounder/AppBundler.jl

0.5 Shell

https://git.syndicate-lang.org/synit/synit
(0.5 rust, 0.5 shell)

2* Multi/Misc/Other

https://github.com/IObundle/iob-linux
(build project, a mix of python, Make, and C from OpenSBI)
https://unifiedpush.org/
(specification for Android and D-Bus. Implementations in Go, C, Kotlin, and Flutter)

3* (5 projects) Unaccounted/Not Available

https://www.gnunet.org/
(possible non-native Android yet to be written)
https://kde.org/plasma-desktop
(grant is about mobile power management improvements, no idea about the code but, KDE/Plasma is C++, so 0.5 for C++, 0.5 unaccounted)
https://nlnet.nl/project/LicenseCompatibilityAutomation
(no external link or specific info about the implementation)
https://librediagnostic.com/
(fully unaccounted, site pages "under construction")
https://github.com/mapterhorn
(fully unaccounted, from org readme "Coming soon...")

21

[OC] Rust tops a diverse list of implementation languages in projects getting NLnet grants, Python 2nd, C is alive, and C++ is half dead! (programming.dev)

submitted 1 year ago by BB_C@programming.dev to c/rust@programming.dev

0 comments fedilink

https://nlnet.nl/news/2025/20250321-call-announcement-core.html

Notes

Projects meaningfully sharing two programming languages get 0.5 a point each, even if the split is not exactly half-half.
Two projects are listed under "Multi/Misc/Other" which is opinionated, and some may disagree with.
Three points (5 projects) are assigned to "Unaccounted/Not Available". Two of the projects have no code at all (related to the grant, or otherwise). One project with no published code is (charitably) listed under "Python", however, since the author mentions Python+QT as the choice for implementation.

9.5 (10 projects) Rust

https://git.joyofhardware.com/Products/FastWave2.0
https://github.com/slint-ui/slint
https://github.com/stalwartlabs/mail-server
https://github.com/dimforge
https://github.com/DioxusLabs/blitz
https://github.com/fdtshim
https://github.com/trynova/nova
https://github.com/yaws-rs
https://github.com/lycheeverse/lychee
https://git.syndicate-lang.org/synit/synit
(0.5 rust, 0.5 shell)

9 Python (8 + 1 project without code)

https://github.com/owasp-dep-scan/blint
https://github.com/web-platform-tests/wpt
https://github.com/niccokunzmann/open-web-calendar
https://git.xmpp-it.net/sch/Rivista
https://github.com/DataLab-Platform/DataLab
https://codeberg.org/IzzyOnDroid/rbtlog
https://gitlab.com/py3dtiles/py3dtiles
https://codeberg.org/flohmarkt/flohmarkt
https://rackweaver.app/
(says python+qt, but no code yet)

6 (7 projects) C

https://mntre.com/sources.html
https://github.com/open-sdr/openwifi
https://wiki.musl-libc.org/
https://github.com/LekKit/RVVM
https://github.com/skarnet/s6-rc
https://git.savannah.gnu.org/git/mes
(scheme interpreter, compiler + minimal libc in C = 0.5)
https://www.gnunet.org/
(gnunet itself is C = 0.5, Anroid work would presumably use Java/Kotlin/Dart/... = 0.5 unaccounted)

3.5 (4 projects) TypeScript

https://github.com/cartesapp/cartes
https://github.com/edumeet
https://github.com/adorsys/open-banking-gateway
(0.5 Java, 0.5 TypeScript)
https://github.com/janeirodigital/sai-js
(grant is about specification work. But implementation is in TypeScript)

3.5 (4 projects) Java

https://github.com/slovensko-digital/autogram
https://github.com/igniterealtime/Openfire
https://github.com/MarginaliaSearch/MarginaliaSearch
https://github.com/adorsys/open-banking-gateway
(0.5 Java, 0.5 TypeScript)

3 Kotlin

https://github.com/florisboard/florisboard
https://github.com/EventFahrplan/EventFahrplan
https://github.com/tuskyapp/Tusky

2.5 (3 projects) Hardware/Verilog/...

https://github.com/opera-platform/opera-dsp
https://github.com/simple-crypto/SMAesH
https://github.com/IObundle/iob-versat
(hardware part = 0.5, software is C++)

2.5 (3 projects) Scheme

https://codeberg.org/spritely/goblins
https://nlnet.nl/project/SchemeTestingFramework
(no external link in grant page)
https://git.savannah.gnu.org/git/mes
(scheme interpreter, compiler + minimal libc in C = 0.5)

2.5 (3 projects) JavaScript

https://github.com/CycloneDX/cdxgen
https://github.com/overte-org/overte
(0.5 C++, 0.5 JS)
https://nlnet.nl/project/TALER-integration-Nuxt
(no external link)

2 Nix

https://nlnet.nl/project/Nix-ControlPlane
https://github.com/ibizaman/selfhostblocks
(no external link)

2 Go

https://github.com/namecoin/encaya
(namecoint-core is written in C++, but the grant is about encaya)
https://github.com/hockeypuck/hockeypuck

1.5 (3 projects) C++

https://github.com/IObundle/iob-versat
(software part = 0.5, hardware is Verilog)
https://github.com/overte-org/overte
(0.5 C++, 0.5 JS)
https://kde.org/plasma-desktop
(grant is about mobile power management improvements, no idea about the code, but KDE/Plasma is C++, so charitable 0.5 for C++, 0.5 unaccounted)

1 Clojure

https://github.com/NyanCAD/Mosaic

1 Assembly

https://lib25519.cr.yp.to/
(grant covers NEON vector implementation)

1 Haskell

https://github.com/ghc-proposals/ghc-proposals

1 Julia

https://github.com/PeaceFounder/AppBundler.jl

0.5 Shell

https://git.syndicate-lang.org/synit/synit
(0.5 rust, 0.5 shell)

2* Multi/Misc/Other

https://github.com/IObundle/iob-linux
(build project, a mix of python, Make, and C from OpenSBI)
https://unifiedpush.org/
(specification for Android and D-Bus. Implementations in Go, C, Kotlin, and Flutter)

3* (5 projects) Unaccounted/Not Available

https://www.gnunet.org/
(possible non-native Android yet to be written)
https://kde.org/plasma-desktop
(grant is about mobile power management improvements, no idea about the code but, KDE/Plasma is C++, so 0.5 for C++, 0.5 unaccounted)
https://nlnet.nl/project/LicenseCompatibilityAutomation
(no external link or specific info about the implementation)
https://librediagnostic.com/
(fully unaccounted, site pages "under construction")
https://github.com/mapterhorn
(fully unaccounted, from org readme "Coming soon...")

32

Koto: a simple and expressive programming language, usable as an extension language for Rust applications, or as a standalone scripting language (koto.dev)

submitted 1 year ago by BB_C@programming.dev to c/rust@programming.dev

8 comments fedilink

cross-posted from: https://programming.dev/post/23822190

I added this language to my watch list some time ago and forgot about it, until I got a notification about a new release (0.15) yesterday.

I'm someone who is familiar with system languages (C, Rust) and shell languages (Bash, Zsh, ..). But don't have much experience, at a proficient level, with any languages setting in between.

So I gave Koto's language guide a read, and found it to be very well-written, and the premise of the language in general to be interesting. I only got annoyed near the end when I got to @base, because I'm an anti-OOP diehard 😉

I hope this one well start to enjoy some adoption.

50

Koto: a simple and expressive programming language, usable as an extension language for Rust applications, or as a standalone scripting language (koto.dev)

submitted 1 year ago by BB_C@programming.dev to c/programming@programming.dev

12 comments fedilink

I added this language to my watch list some time ago and forgot about it, until I got a notification about a new release (0.15) yesterday.

I'm someone who is familiar with system languages (C, Rust) and shell languages (Bash, Zsh, ..). But don't have much experience, at a proficient level, with any languages setting in between.

So I gave Koto's language guide a read, and found it to be very well-written, and the premise of the language in general to be interesting. I only got annoyed near the end when I got to @base, because I'm an anti-OOP diehard 😉

I hope this one well start to enjoy some adoption.

26

kdl 6.0.0-alpha.1 (first version with a KDL v2 implementation) (github.com)

submitted 2 years ago by BB_C@programming.dev to c/rust@programming.dev

3 comments fedilink

74

COSMIC ALPHA 1 Released (Desktop Environment Written In Rust From System76) (system76.com)

submitted 2 years ago by BB_C@programming.dev to c/rust@programming.dev

11 comments fedilink

archived link

10

cushy v0.3.0 Released (github.com)