wuffs

Wrangling Untrusted File Formats Safely (by google)

Wuffs Alternatives

Similar projects and alternatives to wuffs

  1. rust

    2,858 wuffs VS rust

    Empowering everyone to build reliable and efficient software.

  2. InfluxDB

    InfluxDB – Built for High-Performance Time Series Workloads. InfluxDB 3 OSS is now GA. Transform, enrich, and act on time series data directly in the database. Automate critical tasks and eliminate the need to move data externally. Download now.

    InfluxDB logo
  3. go

    2,277 wuffs VS go

    The Go programming language

  4. rfcs

    690 wuffs VS rfcs

    RFCs for changes to Rust

  5. stb

    173 wuffs VS stb

    stb single-file public domain libraries for C/C++

  6. nom

    92 wuffs VS nom

    Rust parser combinator framework

  7. highway

    77 wuffs VS highway

    Performance-portable, length-agnostic SIMD with runtime dispatch

  8. Stream

    Stream - Scalable APIs for Chat, Feeds, Moderation, & Video. Stream helps developers build engaging apps that scale to millions with performant and flexible Chat, Feeds, Moderation, and Video APIs and SDKs powered by a global edge network and enterprise-grade infrastructure.

    Stream logo
  9. Kaitai Struct

    Kaitai Struct: declarative language to generate binary data parsers in C++ / C# / Go / Java / JavaScript / Lua / Nim / Perl / PHP / Python / Ruby

  10. CompCert

    40 wuffs VS CompCert

    The CompCert formally-verified C compiler

  11. smhasher

    36 wuffs VS smhasher

    Hash function quality and speed tests (by rurban)

  12. checkedc

    Checked C is an extension to C that lets programmers write C code with bounds checking and improved type-safety. The goal is to let people easily make their existing C code type-safe and eliminate entire classes of errors.

  13. jxl.js

    25 wuffs VS jxl.js

    JPEG XL decoder in JavaScript using WebAssembly (WASM)

  14. austral

    22 wuffs VS austral

    Systems language with linear types and capability-based security.

  15. goawk

    20 wuffs VS goawk

    A POSIX-compliant AWK interpreter written in Go, with CSV support

  16. zlib-ng

    zlib replacement with optimizations for "next generation" systems.

  17. ivy

    14 wuffs VS ivy

    ivy, an APL-like calculator (by robpike)

  18. libwebp

    Mirror only. Please do not send pull requests. See https://chromium.googlesource.com/webm/libwebp/+/HEAD/CONTRIBUTING.md.

  19. image-png

    PNG decoding and encoding library in pure Rust

  20. png-decoder

    A pure-Rust, no_std compatible PNG decoder

  21. csharplang

    The official repo for the design of the C# programming language

  22. SaaSHub

    SaaSHub - Software Alternatives and Reviews. SaaSHub helps you find the best software and product alternatives

    SaaSHub logo
NOTE: The number of mentions on this list indicates mentions on common posts plus user suggested alternatives. Hence, a higher number means a better wuffs alternative or higher similarity.

wuffs discussion

Log in or Post with

wuffs reviews and mentions

Posts with mentions or reviews of wuffs. We have used some of these posts to build our list of alternatives and similar projects. The last one was on 2025-05-09.
  • Rust Dependencies Scare Me
    23 projects | news.ycombinator.com | 9 May 2025
    You want a special purpose language.

    In your particular example of image loading, you want WUFFS. https://github.com/google/wuffs

    In WUFFS most programs are impossible. Their "Hello, world" doesn't print hello world because it literally can't do that. It doesn't even have a string type, and it has no idea how to do I/O so that's both elements of the task ruled out. It can however, Wrangle Untrusted File Formats Safely which is its sole purpose.

    I believe there should be more special purpose languages like this, as opposed to the General Purpose languages most of us learn. If your work needs six, sixteen or sixty WUFFS libraries to load different image formats, that's all fine because categorically they don't do anything outside their box. Yet, they're extremely fast because since they can't do anything bad by definition they don't need those routine "Better not do anything bad" checks you'd write in a language like C or the compiler would add in a language like Rust, and because they vectorize very nicely.

  • Blasting Past WebP
    3 projects | news.ycombinator.com | 27 Mar 2025
  • Fast-PNG: PNG image decoder and encoder
    9 projects | news.ycombinator.com | 11 Mar 2025
    wuffs has standalone C header for png decoding that is safe and very fast: https://github.com/google/wuffs/blob/main/doc/std/image-deco...

    There's also libspng, supports encoding & decoding, but it does not seem to be very maintained anymore, and it has extra dependency on zlib/miniz: https://github.com/randy408/libspng

  • Why do I find Rust inadequate for text compression codecs?
    4 projects | news.ycombinator.com | 7 Mar 2025
    This kind of hyper-specific need (codecs) is probably better served by a specialist language, like Whuffs (https://github.com/google/wuffs). You don't need, or want, the level of expressiveness that comes with something like Rust, but on the other hand, it's a compact enough problem set that you're willing to spend extra development work to eke out every bit of speed.
  • RealtimeSanitizer for Rust
    1 project | news.ycombinator.com | 23 Jan 2025
    I only have grug brain, but one could call WASM modules each with its own tiny memory pre-allocated. There is also WUFFS the language which is explicitly limited in several ways. I also feel like some things could be done in Ada or one of the more strict functional languages.

    0: https://github.com/google/wuffs/blob/main/doc/wuffs-the-lang...

  • Wuffs the Language
    1 project | news.ycombinator.com | 10 Oct 2024
  • Hermeticity
    1 project | news.ycombinator.com | 8 Sep 2024
  • Firefox will consider a Rust implementation of JPEG-XL
    2 projects | news.ycombinator.com | 4 Sep 2024
    Reminder that https://github.com/google/wuffs exists too.
  • CrowdStrike debacle provides road map of American vulnerabilities to adversaries
    2 projects | news.ycombinator.com | 20 Jul 2024
    Again, there are safe ways of doing this. For example, Wuffs exists: https://github.com/google/wuffs

    At the very least, big money security software companies should be parsing untrusted content with some kind of rigorouly safe approach, not just squirting it through a big pile of C/C++.

    And don't get me started on the whole concept of undefined behavior in those languages. To quote I. I. Rabi, "Who ordered that?"

  • I'm Funding Ladybird Because I Can't Fund Firefox
    7 projects | news.ycombinator.com | 7 Jul 2024
    > Rust was literally invented to solve the security and concurrency issues inherent in using C/C++ for a browser engine.

    Are most browser vulnerabilities not still found in engines like V8? Rust can help with something like last year's buffer overflow in libwebp (although that's overkill when a project like https://github.com/google/wuffs exists), but I'm unclear on how it gets you a better JIT.

  • A note from our sponsor - Stream
    getstream.io | 18 Jul 2025
    Stream helps developers build engaging apps that scale to millions with performant and flexible Chat, Feeds, Moderation, and Video APIs and SDKs powered by a global edge network and enterprise-grade infrastructure. Learn more →

Stats

Basic wuffs repo stats
95
4,551
8.1
4 days ago

Sponsored
InfluxDB – Built for High-Performance Time Series Workloads
InfluxDB 3 OSS is now GA. Transform, enrich, and act on time series data directly in the database. Automate critical tasks and eliminate the need to move data externally. Download now.
www.influxdata.com