by josephg 633 days ago
> This isn't necessarily a language problem, though, more of a "culture" problem, I think.

Author here. We could make it a language problem by having the language sandbox dependencies by default. Seems like an easy win to me. Technical solutions are almost always easier to implement than social solutions.


Edit: replied to wrong person.

Huh?

> It's throwing the baby and bathwater into lava.

Is it really so controversial to want to be able to limit the access that utility crates like humansize or serde have to make arbitrary syscalls on my computer?

Seems to me like we could get pretty far with just compile-time checks - and that would have no impact whatsoever on the compiled code (or its performance).

I don't understand your criticism.

I thought you wanted to prevent transitive dependencies. For sandboxing crates, as JoshTriplett said, it's another can of worms.

By default, yes. But it probably makes sense to let people whitelist specific crates in their dependency tree. Crates like std and tokio, or BLAS libraries that make heavy use of SIMD. Stuff like that.