by cowtools 1489 days ago
> Go and Rust are similar in that aspect.

I think this poses a subtle security risk about namespacing. Who authorizes these packages? Who audits these repositories?

When you use a C/C++ library, there is obvious accountability. You know who maintains the repository (usually your distribution) or you explicitly copy someone else's code as a subrepository.


If you trust the compiler, why wouldn't you trust the standard library? They're usually made by the same people.

> If you trust the compiler, why wouldn't you trust the standard library? They're usually made by the same people.

That sounds like a different way of saying "they're sometimes made by different people", which is why you won't trust it.

By different people that have been approved by the compiler developers.

I am talking about non-standard libraries.