I think maybe it’s a short term thing. They’re trying to expedite getting off wikidot and having a read only copy of their data is the fastest way to do that. I’m assuming the plan would be to then transition to a write enabled implementation as soon as possible. That’s my best guess anyway.

You absolutely should not be just ignoring too many requests responses. The entire point of putting rate limits on APIs is to reduce resource usage and while it doesn’t take many resources to serve up a request denied message that amount isn’t zero. If you continue to hammer an API that has rate limited you at some point they will decide your traffic is malicious and just start blackholing all your requests.

I’m honestly not sure what the best way to do rate limiting would be, I suspect that might depend on a number of factors such as what web client and async framework you’re using, but I would recommend if at all possible using a library rather than rolling your own. The library you found so far seems reasonable enough at least as a first attempt.

What was claimed is that you can’t get a Rust job which implies there are no Rust jobs, so it’s important to call out the distinction. This was further implied by the tone of the article title which implied that the author was leaving Rust for good. While the contents of the article was more nuanced the title counts for a lot and has to be taken into consideration.

On the whole cryptocurrencies/blockchain jobs thing I’m not even sure I’d consider those real jobs. The overwhelming majority of those are startups that pay in equity and I expect nearly 100% of them to fail making that “equity” utterly worthless. I’d only consider positions in established companies paying actual salaries as real jobs.

Perhaps but it’s also a subtle but important distinction between “there are no Rust jobs” and “there are no open Rust jobs”. The former implies it’s a dead end skill set while the latter implies potential openings in the future. It may just be one of those things where you need to keep your ears open for openings and jump on one when you see it. Personally I think Rust is just getting started and there will be a ton of job opening’s, just maybe not for a little while longer.

That’s my guess. All the openings are being filled internally and never even make it to public listings.

Reading the comments it seems like there may be a bunch of Rust jobs, they’re just not advertised as much and many of them are filled by senior people with expertise in other areas and languages. In particular it seems like a lot of jobs at Amazon in the AWS department use it heavily. It might simply be too new to really see heavy recruiting for new hires yet. In another decade as teams expand and senior people move to other positions or retire we might see a sudden surge in companies looking for Rust devs.

Cargo is doing too many things at once. It’s a build system but also a package manager but also manages dependencies? Idk what to even call it.

Somewhat agreed, but it’s a very difficult problem to solve. No language has yet come up with the perfect build tool. JS is on what, like the 12th build tool in as many years now? Some serious throwing stones in glass houses vibes here.

Syntax is very confusing for no reason. You can’t just look at rust code and immediately know what it does.

Strongly disagree on this point. Those extra glyphs in Rust are not just cosmetic, each one means something very specific and conveys very important information.

Having to pollute your code &, ? and .clone() everywhere to deal with ownership

You don’t “deal with” ownership, it’s an incredibly powerful tool you use. This just sounds like you haven’t really understood what the borrow checker is actually doing and the hundreds of problems it solves for you. I can not count how many times now I’ve been working in another language and had the thought “I could solve this with the borrow checker”

Js is way more readable.

JS is not more readable, JS is just far less detailed. It omits a vast swath of information such that you have almost no idea what it’s actually doing. It feels easier to you because you don’t care about any of the details, but those details become vitally important when things stop working and you’re trying to figure out why. This sounds to me like you’ve never had to write any actually complicated code. If all you’re trying to do is chain together a series of HTTP calls and maybe parse a tiny bit of JSON, yeah, Rust is like using a nuke to kill an ant.

Similarly, Async code starts to look really ugly and overengineered in rust.

A little bit, but mostly because doing async right is really complicated. Once again no language has a really great solution to this problem yet, they all involve tradeoffs.

Multiple string types like &str, String, str, instead of just one “str” function.

Once again it seems you don’t really understand the difference between owned and borrowed values or stack vs. heap allocation and why it matters. Really there’s only one type of String which is String, the others are just different ways of borrowing a String (with different tradeoffs).

i32 i64 i8 f8 f16 f32 instead of a single unified “number” type like in typescript. Even in C you can just write “int” and be done with it

If all you want is a “int” you can just use i64 for everything and “be done with it” as you say, you’ll just be adding a ton of wasted memory and needless overhead for no good reason. Seems like you just don’t like strong typing. I’m surprised you even bother with TypeScript instead of just using JavaScript.

Having to use #[tokio:main] to make the main function async (which should just be inbuilt functionality, btw tokio adds insane bloat to your program) yet you literally can’t write code without it.

You absolutely can write code without using #[tokio:main], you can even use tokio without that, it just saves you having to write a bunch of boilerplate to initialize tokios executer and pass your async functions to it. You can even use async functions without tokio, you just need to provide your own executor. Async in Rust is still pretty new and some of the rough edges are still being worked out, it will get smoother, but honestly the things you’re complaining about aren’t even the annoying parts about it.

Speaking of bloat, a basic get request in a low level language shouldn’t be 32mb, it’s around 16kb with C and libcurl, despite the C program being more lines of code. Why is it so bloated? This makes using rust for serious embedded systems unfeasible and C a much better option.

I have no idea what you’re doing to generate code sizes like that, but I guarantee you could get a significantly smaller program in Rust that does exactly what the C code is doing. As for embedded this is patently false. I personally use Rust regularly on embedded devices that don’t even have 32mb of RAM on them.

With cargo you literally have to compile everything instead of them shipping proper binaries. Why???

This isn’t a cargo thing, this is a Rust compiler thing. The Rust ABI hasn’t been standardized which means currently there’s no guarantee that Rust code compiled by one version of the compiler can successfully link against code compiled by a different version. Until not that long ago C++ actually had the same problem. This will eventually get fixed, but the language team feels things are still moving too fast to define a concrete standard yet.

Another major issue I’ve encountered is libraries in Rust, or lack thereof. Every single library in rust is half-baked.

Rust is still pretty new, so a lot of libraries are still in active development, but there are already many excellent and very well documented libraries. Axum is literally one of the newest web frameworks in Rust and didn’t even exist that long ago. I’ve seen far worse documentation for JS libraries (and don’t even mention C, the gold standard there is practically a man page that’s just a glorified header file).

As for “memory safety”, it’s a buzzword. Just use a garbage collector.

Memory safety is not “just a buzzword”, there’s a reason all the top vulnerabilities for decades now are all memory safety issues. As for a garbage collector, good luck with that when writing embedded software or a kernel.

The rest of your rant basically boils down to “my particular simple use case doesn’t see much value from what Rust provides”, which is fine. If you don’t need the power of Rust, use something weaker, not every problem needs the nuclear option, sometimes you just need something quick and dirty that will run a few times before it falls over. Hell, sometimes a quick Perl script is the right solution. I mean, not often, but it does sometimes happen. When you do find a problem that your quick and dirty approach isn’t working on then you’ll see the value in Rust.

It’s an interesting point but I think it kind of confuses two different but related concepts. From the perspective of the library author a vulnerability is a vulnerability and needs to be fixed. From the perspective of the library consumer a vulnerability may or may not be an issue depending on a lot of factors. In some ways severity exists in the wrong place, as it’s really the consumer that needs to decide the severity not the library.

A CVE without a severity score I think is fine. Including the list of CWEs that a particular CVE is composed of I think is useful as well. But CVE should not include a severity score because there really isn’t a single severity but a range of severities depending on specific usage. At best the severity score of a CVE represents a worst case scenario not even an average case, nevermind the case for a specific project.

Yeah, our security team once flagged our app for having a SQL injection vulnerability in one of our dependencies. We told them we weren’t going to do anything about it. They got really mad and set up a meeting with one of the executives apparently planning to publicly chew us out.

We get there, they give the explanation about major security vulnerability that we’re ignoring, etc. After they said their bit we asked them how they had come to the conclusion we had a SQL injection. Explanation was about what you’d expect, they scanned our dependencies and one of the libraries had a security advisory. We then explained that there were two problems with their findings. First, we don’t use SQL anywhere in our app, so there’s no conceivable way we could have a SQL injection vulnerability. Second our app didn’t have a database or data storage of any kind, we only made RESTful web requests, so even if there was some kind of injection vulnerability (which there wasn’t) it would still be sanitized by the services we were calling. That was the last time they even bothered arguing with us when we told them we were ignoring one of their findings.

It’s a good idea to be aware of any security advisories of your projects dependencies, but it’s also equally important to be aware of your actual attack surface and audience. It for instance may not matter to your entirely offline and utterly unprivileged app that there’s an arbitrary code execution flaw in one of your dependencies because any theoretical attacker is the user themself and they would only be executing code they already had the capability to execute. On the other hand such a flaw in other circumstances could be absolutely critical. It’s really down to you as the author of the code to evaluate any security advisories through the lens of your codes expected use cases.

So, it’s C#?

No, that’s what Java would look like today if designed by a giant evil megacorp… or was that J++. Eh, same difference. /s

This did make me laugh though. Anyone else remember that brief period in the mid-90s when MS released Visual J++ aka Alpha C#? Of course then Sun sued them into the ground and they ended up abandoning that for a little while until they were ready to release the rebranded version in 2000.

Maybe, although I’m not aware of any other language that has the same abstraction around ownership and lifetimes. Most other languages I’m aware of that have more (or equivalently) powerful type systems are also GCed languages that don’t let you directly control whether something gets stack or heap allocated. Nor due they allow you to guarantee that a variable is entirely consumed by some operation and no dangling references remain. While at a high level you can write something that accomplishes a similar result in other higher level languages, you can not express exactly the same thing due to not having direct access to the lower level memory management details.

Hmm, yes and no. You can express a program that does anything in any language, but API design is as much about what can’t be expressed (with that API) as what can. A well designed API lets you do the things that are desirable while making it impossible to do things that aren’t. You can of course bypass APIs to do anything the language allows, even in Rust if you break out the unsafe blocks and functions there’s pretty much nothing you can’t bypass with enough effort, but you very much have to set out to not use the API to do that.

Basically modern language with modern tooling. It’s what C++ would look like if it had been designed today. The big thing though is the abstraction of ownership and lifetimes which took C++ ideas of scopes, smart pointers, and destructors and polished them into something much more powerful. Simply put it’s possible to design APIs in Rust that are literally impossible to express in any other language, and that’s a big deal.

Added on top of that is a modern dependency management system that is severely needed in languages like C and C++, and a very powerful meta programming system that enables compile time code generation and feature selection that’s much safer and powerful than C and C++ fairly primitive pre-processor (although C++ STL does come close).

That does appear to be the problem. The US might not officially be a gerontocracy, but it sure does a damn good job looking like it these days.

It didn’t say that it would make anything radioactive, it said there was a radiation hazard. Radar is in fact radiation, it’s just non-ionizing which means that unless you’re dealing with massive power levels it’s generally safe to be around. If they’re warning of an extreme radiation hazard it’s either not radar, or they’re pumping a ridiculous amount of power into it.

He’s a Lemmygrad user, there’s no point in debating him. He’s just going to keep spouting a bunch of pro-Russia propaganda. It makes me seriously question the source of the article as well. I can’t say one way or another if it’s part of Russian propaganda, but the fact that a lemmygrad user posted it does suggest it started circulating among consumers of Russian propaganda, so there’s some circumstantial evidence at least. At any rate, it’s a just an opinion piece and probably shouldn’t be posted in this community.

What a load of crap. It’s the equivalent of “If the sun suddenly exploded it would be really bad for Biden!”. This is almost literally some GQPs wet dream. There are no facts in that “article” just the same conspiratorial ravings that they failed to prove last time, they’re just dusting them off now that Hunter is getting raked over the coals to appease the GOP. This will end the same way, yes Hunter committed some crimes that he’s already been tried for and found guilty, but no he’s not a government employee and Joe had nothing to do with it.

And monkeys could fly out of my ass. Before we start hand wringing about AI someone would probably need to actually invent one. We’re probably closer to actual room temperature fusion at this point than we are an actual general purpose AI.

Instead of wasting time worrying about a thing that doesn’t even exist and probably won’t in any of our lifetimes, we should probably do something about the things actually killing us like global warming and unchecked corporate greed.

Probably a decent number of them like me where when I signed up there back then it was basically just lemmy.ml and lemmygrad.ml to pick from. Now that there are other options I created accounts on a couple other instances for redundancy (plus at the time lemmy.ml was buckling under the load) as well as having content and moderation rules I liked better. I’d bet a large number of those inactive accounts are actually active on lemmy, just on different instances.