[drcongo]

I'm not a Rust dev, but I am the target market for this product and I kinda care that it's written in Rust. That gives me some (possibly entirely wrong) confidence that it's likely to be a single binary, easily installed, fast and relatively safe.

More broadly, if there had been two headlines on the front page today and the other said "Open source search engine written in Node / JS" I would make assumptions about the 7 million dependencies and endless security updates in every single one of them that I'd have to monitor. Obviously I would also skip straight past that one. So yes, the technology choice is important.

[Yoric]

For context (and I say that as a Rust developer), please note that Rust has the same strength/weakness as Node in terms of dependencies.

There is ongoing work to strengthen this. I do not know the status.

[drcongo]

Thanks. Would I be correct in assuming that there should be less of a burden on me as an end user with Rust though as I only need to update the one binary that I installed?

[bogeholm]

Usually you would only need to update a single binary, as the dependencies are compiled in.

You may get some libc-issues if you try to run a binary built for a newer Linux on an older Linux, unless it is built to target musl - don’t remember the details 100%

[Yoric]

How did you install the binary? If you installed it from source, you'll need to `cargo update && cargo build`.

If you downloaded a binary or installed it from your distro's repo, generally you just need to update that one binary, yes.

[drcongo]

Thanks for clarifying. Yes, I'd typically install a Rust program from the distro's repos.

[mcronce]

Yes and no - deploying a Node project, I need to install all its dependencies. Deploying a Rust project, I still typically only need to pull down the binary. The general attitude is still to pull in dependencies to do a job instead of inventing your own solution, which I consider a good thing, but not everybody agrees.