Our great sponsors
-
WorkOS
The modern identity platform for B2B SaaS. The APIs are flexible and easy-to-use, supporting authentication, user identity, and complex enterprise features like SSO and SCIM provisioning.
Fun fact: libpng-sys was so difficult to create safe Rust wrapper for that people just wrote their own, 100% safe Rust PNG decoder: https://github.com/image-rs/image-png
This characterization of cxx is outdated. The language limitation was fixed by rust-lang/rust#75857.
However, if you intend on publishing the crate on crates.io, then there is an implied contract between the author and the users of the crate. It's hard to formulate that contract into words, but I think it comes down to intention. There will always be bugs, but if a crate author marks a certain function as "safe", then that signals that the crate author intends that it should be impossible to cause UB by calling that function from safe Rust code.