libc VS rfcs

> I absolutely don't see how this is a problem with semver,

Strange to not see it. Semver promises to solve dependency hell. In the example everyone correctly followed the sevmver and the app is broken by a dependency hell issue.

> it is not the responsibility of semver to tell a language how packages should be isolated and loaded. That is a problem of a) the language and b) dependency resolution in the package manager.

So semver only works for "good" languages?

> Bundler, by design, does not allow the above, instead having a flat, consistent vision of dependencies.

Ok, so what happens with the app when packages managed by Bundler get fragmented by depending on an incompatible version of sub-dependency (commons-logging 1.1.1 vs 2.0.1 as in the example)?

Also note, even for languages and tooling supporting multiple library versions loaded side by side, there are scenarios where things break.

For example, the "libc apocalypse" situation in Rust https://github.com/rust-lang/libc/issues/547

Here after the "libc" module released a major version, the definition for the `void` C type in two versions of the lib are considered by the compiler as two different types, resulting in breakages everywhere around the library ecosystem.

There are also scenarios for dynamic languages / runtime errors.

> None of this is the responsibility of semver. In fact, semver would help the language provide tooling to detect that kind of "hey this instance is from foo-1.0 but you're trying to consume it in foo-2.0".

And what's next after it detected the dependency hell? It's too late and the person suffering is not in the position to fix it. You have to upgrade to "authentication 1.1.2" for security compliance, because the version 1.1.1 has known vulnerabilities. But that breaks the application, because the maintainer of the lower level dependency "commons-logging" follows semantic versioning.

The promise was to prevent dependency hell, not to detect it.

Quoting the ticket and reiterating the point of my first comment above:

Once again, the point of this ticket is to:

    Remove the false promise that SemVer solves dependency hell by simply increasing major version.

Even if coexistence of multiple library versions is supported, there are scenarios where things break.

For example, the "libc apocalypse" situation in Rust https://github.com/rust-lang/libc/issues/547

Here after the "libc" module released a major version, the definition for the `void` C type in two versions of the lib are considered by the compiler as two different types, resulting in breakages everywhere around the library ecosystem.

There are also scenarios for dynamic languages / runtime errors in statically typed languages.

My main problem with the current SemVer spec, is that it does not mention multiple lib versions problem, and promises the dependency hell issues can be solved simply by updating major version number. Thus encouraging to break backward compatibility freely.

Also note, it's not the case that SemVer is intended only for languages supporting multiple library versions. The SemVer is a product of Ruby community, and Ruby has a global namespace for classes and unable to have several versions of a lib simultaneously.

In 2000s they were breaking compatibility left and right, neglecting elementary compatibility practices. If you were working on an application, practically every time when you update dependencies, something would break.

So (in 2011 ?) they came out with this "manifesto" (Why such a big name? This scheme of versioning was well established in linkers and sonames of all Unix-like systems for decades - it goes back to at least 1987 paper "Shared Libraries in SunOS").

It's a good thing SemVer acknowledges finally that compatibility is a serious matter. Only that it's better to discourage compatibility breakages. An in cases when it's really needed (I agree such cases exists), there are things to take care of in addition to simply increase major version num.

The libc crate exposes system C APIs in Rust code, and is used by the compiler and standard library. It also does not contain any C code. See for yourself.

Ok, what if we are sure that our C code would use a given version of malloc/free only to allocate memory (are we ever sure about anything like that is out of the scope of the article)? Well, in this case we are brave enough to use libc crate in our rust code:

Port libc. I recommend using bindgen for this.

While looking at the libc crate and its build script, I don’t quite understand when or how the crate’s libc definitions link to the build target’s actual libc.

For what it's worth, there's been discussion of this not only for glibc on Linux but also for BSDs which take many more liberties with API and ABI compatibility to keep their technical debt low. I can't summarise the years of discussion here but I encourage anyone interested to read through https://github.com/rust-lang/libc/issues/570

In answer to what appears to be a misunderstanding about Rust:

> Its foreign function interface seems particularly poorly implemented. The official Rust documentation suggests the use of the external third-party libc library (called a 'crate' in Rust parlance) to provide the type definitions necessary to interface with C programs. As of the time of writing, this crate has had 95 releases. Contrast this with Ada’s Interfaces.C package, which was added the language in Ada 95 and hasn’t needed to change in any fundamental way since.

Rust's libc crate isn't third-party, it's first-party, developed by the Rust project itself: https://github.com/rust-lang/libc/ . It's also not just for "type definitions necessary to interface with C programs"; here's the first heading and first paragraph of its README:

"libc - Raw FFI bindings to platforms' system libraries"

libc provides all of the definitions necessary to easily interoperate with C code (or "C-like" code) on each of the platforms that Rust supports. This includes type definitions (e.g. c_int), constants (e.g. EINVAL) as well as function headers (e.g. malloc).

The fact that this library contains low-level type definitions for every platform that Rust supports explains why it's had more than one release: new platforms get added, platforms add new interfaces, and platforms change the definitions of existing interfaces.

> It lacks basic features necessary for the task, like bitfields, and data structure packing.

The latter is achieved via the built-in `repr(packed)` attribute (https://doc.rust-lang.org/nomicon/other-reprs.html#reprpacke...) and the former is provided by the bitflags crate: https://crates.io/crates/bitflags (while unlike libc this does not live under the rust-lang org on Github, it does live under its own org which appears to be populated exclusively by Rust project team members).

It came up in this issue in the libc crate. The initializer for a static has to be const, which is why the issue submitter wanted it. He couldn't use lazy_static or once_cell, common patterns in Rust, since he was later using the static in a unix signal handler (which must be async signal safe).

RFC: Add large language models to Rust

https://github.com/rust-lang/rfcs/pull/3603

Man, SO and family has really gone downhill. That top answer is absolutely terrible. In fact, if you care, you can literally look at the RFC discussion here to see the actual debate: https://github.com/rust-lang/rfcs/pull/582

Basically, `for x in y` is kind of redundant, already sorta-kinda supported by itertools, and there's also a ton of macros that sorta-kinda do it already. It would just be language bloat at this point.

Literally has nothing to do with memory management.

Congrats!

> Similarly, uv does not yet generate a platform-agnostic lockfile. This matches pip-tools, but differs from Poetry and PDM, making uv a better fit for projects built around the pip and pip-tools workflows.

Do you expect to make the higher level workflow independent of requirements.txt / support a platform-agnostic lockfile? Being attached to Rye makes me think "no".

Without being platform agnostic, to me this is dead-on-arrival and unable to meet the "Cargo for Python" aim.

> uv supports alternate resolution strategies. By default, uv follows the standard Python dependency resolution strategy of preferring the latest compatible version of each package. But by passing --resolution=lowest, library authors can test their packages against the lowest-compatible version of their dependencies. (This is similar to Go's Minimal version selection.)

> uv allows for resolutions against arbitrary target Python versions. While pip and pip-tools always resolve against the currently-installed Python version (generating, e.g., a Python 3.12-compatible resolution when running under Python 3.12), uv accepts a --python-version parameter, enabling you to generate, e.g., Python 3.7-compatible resolutions even when running under newer versions.

This is great to see though!

I can understand it being a flag on these lower level, directly invoked dependency resolution operations.

While you aren't onto the higher level operations yet, I think it'd be useful to see if there is any cross-ecosystem learning we can do for my MSRV RFC: https://github.com/rust-lang/rfcs/pull/3537

How are you handling pre-releases in you resolution? Unsure how much of that is specified in PEPs. Its something that Cargo is weak in today but we're slowly improving.

In the early days of Rust there was a debate about whether to support "green threads" and in doing that require runtime support. It was actually implemented and included for a time but it creates problems when trying to do library or embedded code. At the time Go for example chose to go that route, and it was both nice (goroutines are nice to write and well supported) and expensive (effectively requires GC etc). I don't remember the details but there is a Rust RFC from when they removed green threads:

https://github.com/rust-lang/rfcs/blob/0806be4f282144cfcd55b...

I did some more digging. By RFC 899, I believe Alex Crichton meant PR 899 in this repo:

https://github.com/rust-lang/rfcs/pull/899

Still, no real discussion of why unbuffered stderr.

Rust has had a stable SIMD vector API[1] for a long time. But, it's architecture specific. The portable API[2] isn't stable yet, but you probably can't use the portable API for some of the more exotic uses of SIMD anyway. Indeed, that's true in .NET's case too[3].

Rust does all this SIMD too. It just isn't in the standard library. But the regex crate does it. Indeed, this is where .NET got its SIMD approach for multiple substring search from in the first place[4]. ;-)

You're right that Rust's standard library is conservatively vectorized though[5]. The main thing blocking this isn't the lack of SIMD availability. It's more about how the standard library is internally structured, and the fact that things like substring search are not actually defined in `std` directly, but rather, in `core`. There are plans to fix this[6].

[1]: https://doc.rust-lang.org/std/arch/index.html

[2]: https://doc.rust-lang.org/std/simd/index.html

[3]: https://github.com/dotnet/runtime/blob/72fae0073b35a404f03c3...

[4]: https://github.com/dotnet/runtime/pull/88394#issuecomment-16...

[5]: https://github.com/BurntSushi/memchr#why-is-the-standard-lib...

[6]: https://github.com/rust-lang/rfcs/pull/3469