rusty_v8 VS cpp_weekly

Compare rusty_v8 vs cpp_weekly and see what are their differences.

rusty_v8

Rust bindings for the V8 JavaScript engine (by denoland)
v8 Rust
Source Code
crates.io
Suggest alternative
Edit details

cpp_weekly

The official C++ Weekly Repository. Code samples and notes of future / past episodes will land here at various times. PR's will be accepted in some cases. (by lefticus)
Suggest topics
Source Code
Suggest alternative
Edit details
InfluxDB - Power Real-Time Data Analytics at Scale
Get real-time insights from all types of time series data with InfluxDB. Ingest, query, and analyze billions of data points in real-time with unbounded cardinality.
www.influxdata.com
featured
SaaSHub - Software Alternatives and Reviews
SaaSHub helps you find the best software and product alternatives
www.saashub.com
featured
rusty_v8 cpp_weekly
9 1
3,018 633
0.9% -
9.0 3.5
2 days ago 3 days ago
Rust C++
MIT License The Unlicense
The number of mentions indicates the total number of mentions that we've tracked plus the number of user suggested alternatives.
Stars - the number of stars that a project has on GitHub. Growth - month over month growth in stars.
Activity is a relative number indicating how actively a project is being developed. Recent commits have higher weight than older ones.
For example, an activity of 9.0 indicates that a project is amongst the top 10% of the most actively developed projects that we are tracking.

rusty_v8

Posts with mentions or reviews of rusty_v8. We have used some of these posts to build our list of alternatives and similar projects. The last one was on 2023-02-10.

cpp_weekly

Posts with mentions or reviews of cpp_weekly. We have used some of these posts to build our list of alternatives and similar projects. The last one was on 2022-11-29.
  • WasmEdge
    9 projects | news.ycombinator.com | 29 Nov 2022
    This response is a mess, I apologize.

    One can do lots of things. Yes all of those things are still issues, but in enumerating all the things as you have, you make a compelling argument not to use C++. If one picks something else like SML, Go or even Rust, it allows them to focus on those common areas of correctness and not also, all that other stuff.

    I don't think you are apologizing for C++, but I hear this a lot, whatabout all the other parts that are fixed by a more sound system? My response is that we only have so many decisions we can make in the day, using a system that removes whole classes of problems allows me to focus on the non-accidental (forced) complexity.

    > Rust as Wasmtime is, that alone wouldn't actually give me much more confidence that it's safe

    I never made that argument. But let's say I did. Given two systems, one made in Rust and one made in C++. How do I audit the C++ code to ensure that it has the same level of safety as basically _anything_ else?

    WasmEdge is using code coverage, good! https://app.codecov.io/gh/WasmEdge/WasmEdge

    Only 80% coverage, not great.

    I see mention of fuzzing being used, but I only get 69 hits in the codebase for "fuzz" and no documentation about how it actually works.

    Wasmtime includes documentation on how to use their fuzzer, https://github.com/bytecodealliance/wasmtime/tree/main/fuzz

    In my cursory look at the WasmEdge codebase I see

    No application UBSan [1]

    No application of control flow guard [2], either in the build or in the generated LLVM output.

    Infact the only sanitization flags they are passing are -fsanitize=fuzzer,address

    0 mentions of 'control flow' in the WasmEdge codebase, 65 mentions in Wasmtime. Although it doesn't appear that Wasmtime is itself being compiled with cfguard.

    309 mention of spectre mitigations in Wasmtime, 1 link to a cloudflare blogpost in WasmEdge.

    In my cursor look at Wasmtime, I see

    Much better fuzzing support, 85 uses of unsafe in cranelift itself, 1400+ uses of unsafe in crates/*

    The changelog and git messages for WasmEdge talk about type errors (those type errors look impossible in Rust), bus errors, out of bounds, etc.

    It does not inspire confidence. C++ is already starting from behind. This software is targeted to be run on bare metal, embedded and widely distributed. It just doesn't have the level of detail around testing and correctness that I would expect for such a critical piece of infrastructure.

    I am not saying that Wasmtime does not also have issues, that would be preposterous. But on the face of it, WasmEdge has a lot of work to do to catch up to where Wasmtime already is.

    Wasmtime appears to care about the security properties of their dependencies with https://mozilla.github.io/cargo-vet/

    It does not look like the WasmEdge project applies this basic list of practices as outlined by Jason Turner [n]

    [1] https://clang.llvm.org/docs/UndefinedBehaviorSanitizer.html

    [2] https://www.zdnet.com/article/microsofts-control-flow-guard-... https://clang.llvm.org/docs/ControlFlowIntegrity.html

    [n] https://www.youtube.com/watch?v=q7Gv4J3FyYE https://github.com/lefticus/cpp_weekly/issues/175

What are some alternatives?

When comparing rusty_v8 and cpp_weekly you can also consider the following projects:

v8-runtime-tutorial - Source code for the tutorial series

wasm32-wasi-benchmark

ninja_gn_binaries

spin - Spin is the open source developer tool for building and running serverless applications powered by WebAssembly.

deno - A modern runtime for JavaScript and TypeScript.

zx - A tool for writing better scripts

astrodon - Make Desktop apps with Deno 🦕

authcompanion - [Deprecated] navigate instead to version 2 of AuthCompanion

comlink - Comlink makes WebWorkers enjoyable.

ava - Node.js test runner that lets you develop with confidence 🚀

semver - Semantic Versioning Specification

rusty_v8 vs v8-runtime-tutorial cpp_weekly vs wasm32-wasi-benchmark rusty_v8 vs ninja_gn_binaries cpp_weekly vs spin rusty_v8 vs deno rusty_v8 vs zx rusty_v8 vs astrodon rusty_v8 vs authcompanion rusty_v8 vs comlink rusty_v8 vs ava rusty_v8 vs semver rusty_v8 vs spin