I don’t think anyone believes that you are a list of well known apis.
shhh don't raise suspicions.
lysdexic
joined 1 year ago
You are making an extreme assumption, and it also sounds like you’ve misread what I wrote. The “attempts” I’m talking about are studies (formal and informal) to measure the root causes of bugs, not the C or C++ projects themselves.
I think you're talking past the point I've made.
The point I've made is that the bulk of these attempts don't even consider onboarding basic static analysis tools for projects. Do you agree?
If you read the post of other studies you've quoted, you'd be aware that some of them quite literally report results of onboarding a single static analysis tool to C or C++ projects. The very first study in your list is quite literally the results of onboarding projects to Hardware-assisted AddressSanitizer, after acknowledging that they haven't onboarded AddressSanitizer due to performance reasons. The second study in your list reports results of enabling LLVM’s bound sanitizer.
Yet, your personal claim over "the lack of memory safety" in languages like C or C++ is unexplainably based on failing to follow very basic and simple steps like onboarding any static analysis tool, which is trivial to do. Yet, your assertion doesn't cover that simple step. Why is that?
Again, I think this comparison is disingenuous. You take zero effort to address whole family of errors and then proceed to claim that whole family of errors are not addressed, even though nowadays there's a myriad of ways to tackle those. That doesn't sound like a honest comparison to me.
Was this thing generated by a poorly trained LLM?
C syntax is simple, yes, but C semantics are not; there have been numerous attempts to quantify what percentage of C and C++ software bugs and/or security vulnerabilities are due to the lack of memory safety in these languages, and (...)
...and the bulk of these attempts don't even consider onboarding basic static analysis tools to projects.
I think this comparison is disingenuous. Rust has static code analysis checks built into the compiler, while C compilers don't. Yet, you can still add static code analysis checks to projects, and from my experience they do a pretty good job flagging everything ranging from Critical double-frees to newlines showing up where they shouldn't. How come these tools are kept out of the equation?
C has always been (...)
I think you tried too hard to see patterns where there are none.
It's way simpler than what you tried to make it out to be: C was one of the very first programming languages put together. It's authors rushed to get a working compiler while using it to develop an operating system. In the 70s you did not had the benefit of leveraging half a century of UX, DX, or any X at all. The only X that was a part of the equation was the developers' own personal experience.
Once C was made a reality, it stuck. Due to the importance of preserving backward compatibility, it stays mostly the same.
Rust was different. Rust was created after the world piled up science, technology, experience, and craftsmanship for half a century. Their authors had the benefit of a clean slate approach and insight onto what worked and didn't worked before. They had the advantage of having a wealth of knowledge and insight being formed already before they started.
That's it.
It was supposed to be a better C without the bloat and madness of C++, right?
D was sold as a better C++, way back then when C++ was stuck with C++98. To be more clear, D promised to be C++ under active development. That was it's selling point.
In the meantime C++ received 2 or 3 major updates, and thus D lost any claim to relevance.
"GitUI is amazing, although unusable."
From the whole blog post, the thing that caught my eye was the side remark regarding SPAs vs MPAs. It was one of those things that people don't tend to think about it but once someone touches on the subject, the problem become obvious. It seems that modern javascript frameworks focus on SPAs and try to shoehorn the concept everywhere, even when it clearly does not fit. Things reached a point where rewriting browser history to get that SPA to look like a MPA is now a basic feature of multiple pages, and it rarely works well.
Perhaps it's too extreme to claim that MPAs are the future, but indeed there are a ton of webapps that are SPAs piling on complexity just to masquerade as MPAs.
Walter Bright has fairly odious political opinions;
I fail to see the relevance of what personal opinions and beliefs he may or may not have. You're making it sound like the goal is not to improve a language ir fix issues, but to take something away from a person just because you disagree with their political opinions. That's hardly good use of anyone's time, and sounds terribly petty behavior.
I wish I had that much free time to be able to waste it being so vindictive about such trifling issues.
Which languages have you invested/migrated to, only to find that “political stunts” had a “negative impact” on your planned development?
I don't waste my time with meaningless irrelevant stuff. Either a tech stack serves it's purpose, or it doesn't. I don't have enough free time to waste it trying to cancel others.
From the blog post, it sounds like the underlying motivation is not tied to technical aspects but control over the language. If I had invested any of my personal time onboarding onto D and migrated any of my projects to D, I would be concerned about the negative impact these political stunts have on the tech stack.
I would rarely hear about Dlang in my circles and bubbles.
That's hardly a measure of relevance or technical merit. There's a lot of artificial hype being created around some new projects that have a very tenuous correspondence to their technical merits or problems they actually solve, and social network chatter is hardly a factor in assessing technical merits.
view more: next ›
Mercure's spec has a bit more meat on its bones in terms of providing an adequate description of the protocol.
From https://mercure.rocks/spec :