[zimbatm]

A CLI is usable by any language that can fork/exec and read/write IO. A library is more likely to be usable by only one language.

[JoshTriplett]

A C library, or a library with a C interface, is usable by any language with an FFI.

[3pt14159]

That's true in theory, but in practice most Ruby developers don't know how to use C or the FFI well enough to build a library out of a C or C++ library.

It's reasonable to shell out sometimes. It's what Github did when they were first starting. It's what 500px did when they were first starting. Trying to do everything the right way early on is just going to slow you down.

[deong]

I think with security-related software in particular, the proper answer there is "tough". If you can't figure out how to call a C function, you should probably just not write critical software.

[wildmusings]

One of the important lessons that the profession has yet to fully internalize is that there is very little software that is NOT security-related.

[Kalium]

It's very, very difficult to get product managers to internalize that there are real security restrictions on how they can enable users to make things pretty.

Almost everything is security-related. Almost nobody is willing to work with this.

[zeveb]

OTOH, a C library will almost certainly be unsafe and insecure, while POSIX pipes can be secure.

[JoshTriplett]

Exactly what I had in mind when I said "or a library with a C interface".

(Someday, I hope we have a better cross-language ABI than C.)