[krick]

Everything is a dream, when coming from C++ land. I'm still incredibly salty about how packages are managed in Rust, compared to golang or even PHP (composer). crates.io looks fine today, because Rust is still relatively unpopular, but 1 common namespace for all packages encourages name squatting, so in some years it will be a dumpster worse than pypi, I guarantee you that. Doing that in a brand-new package manager was incredibly stupid. It really came late to the market, only golang's modules are newer IIRC (which are really great). Yet it repeats all the same old mistakes.

[guitarbill]

I don't really understand this argument, and it isn't the first time I've heard it. What problem other than name squatting does it solve?

How does a Java style com.foo.bar or Golang style URL help e.g. mitigate supply chain attacks? For Golang, if you search pkg.go.dev for "jwt" there's 8 packages named that. I'm not sure how they are sorted; it doesn't seem to be by import count. Yes, you can see the URL directly, but crates.io also shows the maintainers. Is "github.com/golang-jwt/jwt/v5" "better" than "golang.org/x/oauth2/jwt"? Hard to say at a glance.

On the flip side, there have been several instances where Cargo packages were started by an individual, but later moved to a team or adopted. The GitHub project may be transferred, but the name stays the same. This generally seems good.

I honestly can't quite see what the issue is, but I have been wrong many a time before.

[Thaxll]

Go has more protections than Rust regarding supply chain attack.

https://go.dev/blog/supply-chain

[Imustaskforhelp]

In my opinion , I like golang's way better because then you have to be thoughtful about your dependencies and it also prevents any drama (like rust foundation cargo drama) (ahem) (if you are having a language that is so polarizing , it would be hard to find a job in that )

I truly like rust as a performance language but I would rather like real tangible results (admittedly slow is okay) than imagination within the rust / performance land.

I don't want to learn rust to feel like I am doing something "good" / "learning" where I can learn golang at a way way faster rate and do the stuff that I like for which I am learning programming.

Also just because you haven't learned rust doesn't make you inferior to anybody.

You should learn because you want to think differently , try different things. Not for performance.

Performance is fickle minded.

Like I was seeing a native benchmark of rust and zig (rust won) and then I was seeing benchmark of deno and bun (bun won) (bun is written in zig and deno in bun)

The reason I suppose is that deno doesn't use actix and non actix servers are rather slower than even zig.

It's weird .

[jvanderbot]

There are some influential fair comparisons of compiled languages, but for the most part my feeling is that people are moving from an extremely high level language like Python or JS, and then going to Rust to get performance, when any single compiled language would be fine, and for 90% of them, Go would have been the right choice (on backend or web-enabled systems apps), there was just a hurdle to get to most other compiled languages.

It's just Rust is somehow more accessible to them? Maybe it's that pointers and memory just was an inaccessible / overburdensom transition?

[umanwizard]

Rust is the only mainstream language with an ergonomic modern type system and features like exhaustive matching on sum types (AFAIK... maybe I'm forgetting one). Yes things like OCaml and Haskell exist but they are much less mainstream than Rust. I think that's a big part of the appeal.

In Go instead of having a value that can be one of two different types, you have to have two values one of which you set to the zero value. It feels prehistoric.

[jvanderbot]

That strikes me as an incredibly niche (and probably transient) strength! But I will remember that.

[umanwizard]

It's not niche at all; it's extremely common to need this. Maybe I'm not explaining it well. For example, an idiomatic pattern in Go is to return two values, one of which is an error:

  func f() (SomeType, error) {
          // ...
  }

In Rust you would return one value:

  fn f() -> anyhow::Result<SomeType> {
      // ...
  }

In Go (and similar languages like C) nothing enforces that you actually set exactly one value, and nothing enforces that you actually handle the values that are returned.

It's even worse if you need to add a variant, because then it's easy to make a mistake and not update some site that consumes it.

[consteval]

To be fair even Java solves this problem with checked exceptions. It forces you to handle them or pass them on. It's really just C++ and C# that have a bit of wild west error handling.

[chipdart]

> Rust is the only mainstream language with an ergonomic modern type system and features like exhaustive matching on sum types (...)

This reads like a parody of Rust's fandom.

[umanwizard]

Sorry, what other mainstream language has this feature? I supposed TypeScript does, but we were talking about compiled languages.

[TeamDman]

Swift does apparently, here's an example from ChatGPT

    enum Animal {
        case dog(name: String)
        case cat(name: String)
        case bird

        func sound() {
            switch self {
            case .dog(let name):
                print("\(name) says Woof!")
            case .cat(let name):
                print("\(name) says Meow!")
            case .bird:
                print("Tweet!")
            }
        }
    }

and another with nesting

    enum Thing {
        case first(x: Int)
        case second
    }

    enum Outer {
        case ok(Thing?)
    }

    let value: Outer = .ok(.some(.first(x: 42)))

    switch value {
    case .ok(.some(.first(let x))):
        print("Matched with x = \(x)")
    case .ok(.some(.second)):
        print("Matched .second")
    case .ok(.none):
        print("Matched .none")
    }

[Tainnor]

Scala, Kotlin and even modern Java.

[timeon]

> It's just Rust is somehow more accessible to them?

Going to lower level languages can be scary. What is 'fighting the borrow-checker' for some, may be 'guard rails' for others.

[bombela]

Not sure how much it weighs on the balance in those types of decisions. But Rust has safe concurrency. That's probably quite a big boost of web server quality if anything else.

[jvanderbot]

Go's concurrency is unsafe? Rust's concurrency is automatically safe?

I am not saying you're wrong, I just don't find it any better than C++ concurrent code, you just have many different lock types that correspond to the borrow-checker's expectations, vs C++'s primitives / lock types.

Channels are nicer, but that's doable easily in C++ and native to Go.

[thinkharderdev]

(Un)safe is a bit of an overloaded term but Rust's concurrency model is safe in the sense that it statically guarantees that you won't have data races. Trying to mutate the same memory location concurrently is a compile-time error. Neither C++ nor Golang prevent you from doing this. Aside from that

[pjmlp]

With the caveat that those data races are related to in-process memory being accessed by threads.

Which is quite good, but leaves out shared memory with other processes, or threads having data races with external resources, while corner cases they are quite common in distributed computing scenarios.

[umanwizard]

> Go's concurrency is unsafe? Rust's concurrency is automatically safe?

Yes and yes...

Rust statically enforces that you don't have data races, i.e. it's not possible in Rust (without unsafe hacks) to forget to guard access to something with a mutex. In every other language this is enforced with code comments and programmer memory.

[pjmlp]

As long as that something is in the process's own memory.

[joshmarinacci]

Progress. It doesn’t have to be the best. It just has to be better than C++.