rlbox
nightly-crimes
| rlbox | nightly-crimes | |
|---|---|---|
| 2 | 6 | |
| 298 | 174 | |
| 0.3% | 0.6% | |
| 4.2 | 2.6 | |
| about 1 month ago | almost 4 years ago | |
| C++ | Rust | |
| MIT License | BSD 2-clause "Simplified" License |
Stars - the number of stars that a project has on GitHub. Growth - month over month growth in stars.
Activity is a relative number indicating how actively a project is being developed. Recent commits have higher weight than older ones.
For example, an activity of 9.0 indicates that a project is amongst the top 10% of the most actively developed projects that we are tracking.
rlbox
-
Sandboxing DLL Code
Firefox uses that to isolate third party libraries right now, like i.e. font rendering. It uses a framework called RLBox: https://github.com/PLSysSec/rlbox.
-
WebAssembly and Back Again: Fine-Grained Sandboxing in Firefox 95
https://github.com/PLSysSec/rlbox_sandboxing_api/blob/master...
Seems like it could get a bit verbose when used all over the place but I’m not really used to the C++ world. Regardless I’m happy to see the effort being made beyond process isolation and OS capabilities.
nightly-crimes
-
How can we compare expressive power between two Turing-complete languages?
> This seems to favor c++, in which basically anything imaginable can be done with macros, and any other language can be implemented.
Pfft. C++ macros can't even run a different compiler:
https://github.com/m-ou-se/nightly-crimes/blob/main/yolo-rus...
-
Vec<T> internally uses RawVec<T>, which internally uses Unique<T>. Unique is a nightly feature, so why isn't Vec only available for nightly builds?
There is no nightly or stable compiler; they're just different modes that the compiler can run in. You can compile code that uses nightly features with just the stable toolchain; see nightly-crimes.
-
Thoughts about using nightly features from de-facto std crates (e.g. serde)?
That being said, you can use nightly features on the stable compiler. The stable compiler is totally capable of compiling them, it just refuses to without some macro black magic.
-
WebAssembly and Back Again: Fine-Grained Sandboxing in Firefox 95
More specifically, unsafe blocks may violate the compiler's security guarantees and procedural macros actually run inside the compiler process at build time. Declarative macros do this too, but they're far too restricted to allow shenanigans. Procmacros can disable Rust's stability guarantees[0].
[0] https://github.com/m-ou-se/nightly-crimes
-
The Little Book of Rust Macros
> [ https://github.com/m-ou-se/nightly-crimes nightly-crimes! blows away your compiler, running it again in a new environment where it will allow nightly features even though you've got a stable compiler installed... ]
That macros have access to the entire language including arbitrary IO is the defining feature of proc macros. The insanity here is the Rust compiler team adding the `RUSTC_BOOTSTRAP` env var which is used to build rustc stable which uses nightly features.
All nightly-crimes does is use `std::process::Command` to rerun the compiler with the variable set [1], which tells rustc to throw all concepts of stability out the window.
I haven't been following developments but one of the ideas (even has a PoC iirc) was to build and run proc macros as web assembly to improve build times and prevent such shenanigans.
[1] https://github.com/m-ou-se/nightly-crimes/blob/main/yolo-rus...
What are some alternatives?
fennecbuild
freebsd-ports - FreeBSD ports tree (read-only mirror)
serde - Serialization framework for Rust
svntogit-packages - Automatic import of svn 'packages' repo (read-only mirror)
swc