The Git source code audit, viewed as a Rust programmer

This page summarizes the projects mentioned and recommended in the original post on news.ycombinator.com

  • gitoxide

    An idiomatic, lean, fast & safe pure Rust implementation of Git

  • I don't know how far he intends to take it, but the author of gitoxide (which is just a library, like libgit2) uses it to power a git CLI called gix. As of October it looks like it can do fetches and clones: https://github.com/Byron/gitoxide/discussions/623 .

    Since the git CLI is subcommand-based, it wouldn't be too hard to provide replacements for individual git subcommands one at a time.

  • helix

    A post-modern modal text editor.

  • [2]: https://github.com/helix-editor/helix/pull/3890

  • indexing

    Sound unchecked indexing using “generativity”; a type system approach to indices, pointers and ranges that are trusted to be in bounds.

  • Defining a newtype avoids confusing indexes of, say, a graph and a Vec, but doesn't avoid confusing indexes of two graphs.

    Rust has a design pattern called lifetime branding (also called generativity), which uses phony lifetimes to prevent, at compile time, confusing indexes of two separate collections of the same type. This can also enable disabling out-of-bounds checks without triggering UB (because, with branding, we can be sure that the index is in bounds at the moment of creating it; essentially we move the bounds check from indexing time to index creation time).

    Here's an earlier mention of that [0] (7 years ago), and here's a crate from 3 years ago, indexing [1], but I'm not sure about recent developments on that.

    Now, petgraph doesn't use branding for its index types, so if you have two graphs you can confuse their indexes. On the other hand, petgraph was specifically designed so that you can reuse the node and edge numbering across many graphs (so that if you have a subgraph, for example, the nodes and edges share the same ids); in this situation it's kind of hard to use branding.

    There's another pattern for not confusing index types, which is to make different index types for each different collection and make the collection work only with that type; this is done e.g. in typed-index-collections [2], but it doesn't use branding, so two collections with the same index type have interchangeable indexes.

    Anyway right now this stuff is mostly folklore but I wish it were more used.

    [0] https://www.reddit.com/r/rust/comments/3oo0oe/sound_unchecke...

    [1] https://github.com/bluss/indexing https://docs.rs/indexing/0.4.1/indexing/

    [2] https://crates.io/crates/typed-index-collections https://www.reddit.com/r/rust/comments/hr6xcu/announcing_typ...
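The lifetime-branding pattern described in the comment above, as an added example that is not part of the quoted comment and is not the `indexing` crate's API. The names `Brand`, `Branded`, `Idx`, `with_brand` and `sum_at` are hypothetical, chosen for illustration.

```rust
use std::marker::PhantomData;

// `fn(&'id ()) -> &'id ()` makes 'id invariant, so the compiler can never
// unify the brands of two different containers.
#[derive(Clone, Copy)]
struct Brand<'id>(PhantomData<fn(&'id ()) -> &'id ()>);

struct Branded<'id, 'a, T> { data: &'a [T], _brand: Brand<'id> }

#[derive(Clone, Copy)]
struct Idx<'id> { i: usize, _brand: Brand<'id> }

// The closure must accept every possible 'id, so each call yields a brand
// that is distinct from all others and cannot escape through R.
fn with_brand<T, R>(data: &[T], f: impl for<'id, 'a> FnOnce(Branded<'id, 'a, T>) -> R) -> R {
    f(Branded { data, _brand: Brand(PhantomData) })
}

impl<'id, 'a, T> Branded<'id, 'a, T> {
    // The only bounds check, paid once when the index is created.
    fn check(&self, i: usize) -> Option<Idx<'id>> {
        (i < self.data.len()).then(|| Idx { i, _brand: self._brand })
    }
    // No bounds check at indexing time.
    fn get(&self, idx: Idx<'id>) -> &'a T {
        // SAFETY: only `check` on a container with this brand creates Idx<'id>,
        // and the borrowed slice cannot change length while the brand lives.
        // (In a real crate the fields would be private to enforce this.)
        unsafe { self.data.get_unchecked(idx.i) }
    }
}

// Hypothetical helper: sums the elements at `positions`, None if any is out of range.
fn sum_at(data: &[u32], positions: &[usize]) -> Option<u32> {
    with_brand(data, |arr| {
        let mut total = 0;
        for &p in positions {
            total += *arr.get(arr.check(p)?);
        }
        Some(total)
    })
}

fn main() {
    let data = [10, 20, 30]; // constructed sample input
    println!("{:?} {:?}", sum_at(&data, &[0, 2]), sum_at(&data, &[0, 3]));
    // Rejected at compile time, because the two brands differ:
    // with_brand(&data, |a| with_brand(&data, |b| *b.get(a.check(0).unwrap())));
}
```
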

NOTE: The number of mentions on this list indicates mentions on common posts plus user suggested alternatives. Hence, a higher number means a more popular project.
