nomicon
cargo-geiger
Our great sponsors
nomicon | cargo-geiger | |
---|---|---|
87 | 30 | |
1,655 | 1,296 | |
3.9% | 1.5% | |
5.5 | 5.4 | |
4 days ago | 3 days ago | |
CSS | Rust | |
Apache License 2.0 | GNU General Public License v3.0 or later |
Stars - the number of stars that a project has on GitHub. Growth - month over month growth in stars.
Activity is a relative number indicating how actively a project is being developed. Recent commits have higher weight than older ones.
For example, an activity of 9.0 indicates that a project is amongst the top 10% of the most actively developed projects that we are tracking.
nomicon
-
[Media] I'm comparing writing a double-linked list in C++ vs with Rust. The Rust implementation looks substantially more complex. Is this a bad example? (URL in the caption)
itโs even written by the same person that wrote the Nomicon (the guide to the dark arts of unsafe)
-
Rust books to read
If you want to dive deeper you can always have other options but now there are concrete cases, if you want to do low level thing https://doc.rust-lang.org/nomicon/ while if you want multi thread/concurrency stuff https://marabos.nl/atomics/ . There are many many books so you will have to point yourself to what you want
-
Unsafe Rust
Nice video! Glad I could help out. This stuff is hard, and I'm still learning a lot about it myself even years later. The Rustonomicon is a great read if you haven't already.
-
Stepping up the YAML engineer game
Have you got a moment to read through the good book , after reading through this perhaps try the Rustonomicon.
- Questions about ownership rule
-
How to write deserializer for custom binary protocol?
However, this is a wide topic out of scope for a Reddit comment, so maybe just read the Rustonomicon. It explains everything about data handling in Rust.
-
Performance critical ML: How viable is Rust as an alternative to C++
The ownership model & borrow checker makes rust a bit of an awkward language in which to write complex data structures like trees and graphs. It can be done - since you can always use raw pointers & unsafe code when you absolutely need to to treat rust like C. But the language fights you, and the community can get a bit moralistic about this sort of thing. The rust nomicon is a fantastic resource for learning the limits of the borrow checker, and where and how to use unsafe code correctly. You will need unsafe less than you think you will, but sometimes you will have no choice.
-
Sudo and Su Being Rewritten in Rust for Memory Safety
That's a really good point that I feel like isn't talked about enough. Unsafe rust is a lot harder to write correctly than bog standard C, because you have to uphold the invariants to avoid undefined behavior (1). It's why there's a whole ebook about it (2).
That doesn't mean it's impossible to write correct unsafe code, it's just not as obvious as "trust me bro I know better than borrowck." You can't actually elide the invariants Rust upholds, you just have to take over from the compiler when it can't prove them.
(1) https://doc.rust-lang.org/reference/behavior-considered-unde...
-
C++ to Rust Books?
If you are interested in the theoretical stuff that doesn't have much overlap with C++, give the Nomicon a try, or even Learn Rust the Dangerous Way.
-
How can I use rust libraries in zig/C
There's also cbindgen for automating the generation of C headers once you've got your code in the right shape and you'll also want to read the Rustonomicon.
cargo-geiger
-
Was Rust Worth It?
Instead of looking at the crates themselves, you might want to check your (or others') Rust application with https://github.com/rust-secure-code/cargo-geiger to get a sense of effective prevalence. I also dispute that the presence of unsafe somewhere in the dependency tree is an issue in itself, but that's a different discussion that many more had in other sub-threads.
-
Found a language in development called Vale which claims to be the safest AOT compiled language in the World (Claims to beSafer than Rust)
There's still plenty. Run cargo geiger on any of your projects and see for yourself.
- pliron: An extensible compiler IR framework, inspired by MLIR and written in safe Rust.
-
[Discussion] What crates would you like to see?
You can use cargo-geiger or cargo-crev to check for whether people you trusted (e.g. u/jonhoo ) trust this crate.
-
How do you choose what crate you will use?
The amount of unsafe code is also a factor. cargo geiger is a handy tool for measuring it.
-
Rosenpass โ formally verified post-quantum WireGuard
For that, I believe you need to use cargo-geiger[0] and audit the results.
-
Hey Rustaceans! Got a question? Ask here (6/2023)!
cargo-geiger is a subcommand you can install which will check all the crates in your dependency graph for unsafe blocks and print out a report (which also shows if a crate has #![forbid(unsafe_code)] or not). You can then inspect those crates' sources to judge their use of unsafe for yourself. I don't think it has a "check" mode that simply errors if your dependency graph contains unsafe though, it's more about just collecting that information.
-
The most creative, funny, clever, ridiculous, ... library names!
Technically a binary, not a library, but cargo-geiger, which detects usages of unsafe code in dependencies.
-
Should we be worried about proliferation of unsafe in Rust code?
I know that cargo-geiger exists but apparently most people don't care, which is not a good sign. Should we be worried about this? Are there plans to fight and decrease the use of unsafe in Rust code? At least maybe make the core primitives like Rc or Vec safe?
-
Security advisory: malicious crate rustdecimal | Rust Blog
Or rather, the only thing it guarantees is that in certain parts of the code (the parts you don't trust) you can't use unsafe stuff. Which is exactly what #![forbid(unsafe_code)] does! Or some use of https://github.com/rust-secure-code/cargo-geiger or something.
What are some alternatives?
book - The Rust Programming Language
mdBook - Create book from markdown files. Like Gitbook but implemented in Rust
rust-ffmpeg - Safe FFmpeg wrapper.
Theseus - Theseus is a modern OS written from scratch in Rust that explores ๐ข๐ง๐ญ๐ซ๐๐ฅ๐ข๐ง๐ ๐ฎ๐๐ฅ ๐๐๐ฌ๐ข๐ ๐ง: closing the semantic gap between compiler and hardware by maximally leveraging the power of language safety and affine types. Theseus aims to shift OS responsibilities like resource management into the compiler.
Exercism - website - The codebase for Exercism's website.
bacon - background rust code check
seL4 - The seL4 microkernel
miri - An interpreter for Rust's mid-level intermediate representation
patterns - A catalogue of Rust design patterns, anti-patterns and idioms
unsafe-code-guidelines - Forum for discussion about what unsafe code can and can't do
CppCoreGuidelines - The C++ Core Guidelines are a set of tried-and-true guidelines, rules, and best practices about coding in C++
rust - Empowering everyone to build reliable and efficient software.