[Baal]

Putting things on satellites might mean very different things. There is close to zero chance of anything critical being in Rust. One company I worked on has not even move from (a subset of) C90 for critical components. No C99, no C11, no C++03 and no Rust. It is likely that a company may have software in Rust, even running in a satellite module (though unlikely), but that is different than actual satellite systems being certified on Rust.

As for the rest of your argument: in many companies people is still moving to C11 or C++11. For many, software is considered for production only if it has been 5 years in the wild. A library appearing on cargo does not mean it is “available”.

[bluejekyll]

Here’s the company and product for the sat reference: https://www.kubos.com/kubos/

> For many, software is considered for production only if it has been 5 years in the wild.

Time is irrelevant, it’s about usage and stability. Every rust crate I rely on has published download numbers, which give you an idea of number of people using it. In that set, they are all open source and published on GitHub or Gitlab, so I can look at the codebases easily.

You can wait, that’s fine. But you do end up missing out on helping shape a new environment that is growing at crazy rates over the last few years.

[Baal]

Sorry but that company/product looks like it is a Linux distro and framework tuned/supported for satellite hardware. That does not mean it controls the satellite nor that it is certified.

If you think “download numbers” (or open source, or being in GitHub) is a good metric for measuring reliability, it means you haven’t really worked in any such field.

It isn’t growing _at all_ in many fields, because it is simply way too new (no new software projects started on it), it isn’t certified (or even impossible to certify). That does not mean it is not better, so don’t take that as an attack. It is simply a suicide in risk-analysis to use a new language, new libraries and new compiler front-end in safety-critical projects; so it is a no-go. Similarly for C11, C++14, C++17 and many other languages, frameworks and libraries that you have to approve.

[bluejekyll]

> If you think “download numbers” (or open source, or being in GitHub) is a good metric for measuring reliability, it means you haven’t really worked in any such field.

I never have worked in such a field, and you're comments about certification, etc, are definitely things I will accept as true. Getting any support of new technology in any space is hard, and of course takes time.

But, I will say that "download numbers" where there is obvious sustained usage of a project is a stand-in for understanding if something is seeing real-world usage. I don't claim that it show stability, only that if it's usage is high and the number of issues on the project are not growing under that strain then you can begin to get a picture of it's stability.

When you talk about formal proofs, certification, etc. Those are different mechanisms for validating that, but generally requires substantial amounts of money to be done.

[steveklabnik]

The talk had a diagram, most components on it were in Rust, and the plan is to use more and more moving forward. Even critical stuff.

[Baal]

Happy to hear that, since I am not exactly in joy of using ancient languages.

However, from plans to actual usage takes years; specially for completely new projects using new languages, compilers, libraries, etc. in safety-critical stuff, that takes months just to validate.

Stating anything else is just either lying (marketing) or ignorance. Please do not do a disservice to your language by creating vacuous hype.

[steveklabnik]

That was also a significant part of the talk. Like any industry, some shops are conservative, and some aren’t. Pointing out that some places are more liberal than others isn’t lying.