Hacker Newsnew | past | comments | ask | show | jobs | submitlogin

Rust is not taking this into the extreme at all. You're taking a ranty ill-informed article way too seriously. Maybe it confirms your bias?


I'm sharing my opinion on a related thread. Sure, I agree with the article. What makes you say that I am ill-informed, except that you disagree with me? Is it a rule that anyone disagreing with you is ill-informed?


Because you and others draw parallels to left-pad and that is very far from what is actually happening in the Rust ecosystem.

> Is it a rule that anyone disagreing with you is ill-informed?

Obviously not, I am getting a bit agitated that nuance is lost during such rants, and I get even more annoyed when people are like "yeah, I agree!" with zero attention to nuance.

Again, the article is ranty and it is not even factually correct -- the terminal functionality does not have such huge amounts of churn as many other modern tech stacks have, happily, but it's not frozen in time as the OP makes it sound. And it's not "change for the sake of change" either. OP even recognizes this part (by saying that other pieces are moving around this mostly static piece) later on which makes his earlier rant even worse IMO.

Hence my annoyance with your and others "+1" comments. Again, any parallels to others, much more churn-ey, ecosystems like Node.JS, are arbitrary and unfair.


> Because you and others draw parallels to left-pad and that is very far from what is actually happening in the Rust ecosystem.

Sorry, where did I mention left-pad?

The only thing I say is: writing a project in C++, I can keep control and have a few dependencies. Doing the same thing in Rust explodes almost immediately: as soon as I add one dependency, the lock file is so big I stop giving a shit.

You can say I am wrong, but I'm just sharing a feeling.


Correct, you're sharing a feeling. And feelings don't matter in our line of work.

Also I wasn't aware you should be "giving a shit" about a lock file. Nor why would that matter for anything at all.

The final program works and you didn't have to reinvent complex wheels (like terminal sizing in OP). I don't see the problem. I only see wins.


Well the problem is exactly what I wrote in my original post: if you pull malware into your program as a transitive dependency, then you ship malware to your users.

You should care about not shipping malware to your users, I don't know how to put it differently.


We all know the dangers, dude.

It's always a ROI and other analyses: stakeholders don't care much about malware in transitive dependencies, they want feature X within timeline Y.

Do I like it? No, I hate it with all my heart, but that's the reality we live in. I am not paid to just tinker with the computer; I am paid to deliver stuff, within various deadlines, and of certain quality and that's not the highest possible, otherwise I'd thoroughly use fuzzers and fiddle with property tests for months, if not years.




Consider applying for YC's Winter 2026 batch! Applications are open till Nov 10

Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact

Search: