Hacker News new | ask | show | jobs
by jdiez17 531 days ago
> Too much to do and too little time. If I just didn’t spend so much time around here ;)

Heh, very relatable :)

> I see that you’re from Berlin - if you’re interested in a chat, ping us.

I also just saw you're based in Berlin. Will definitely ping you when I'm back. Particularly interested in your "Rust Experts" offering.

One question about Rust safety certification in general:

How do you deal with dependency sprawl? For example, if you write a basic async program with Tokio and friends you may end up depending on >200 crates. Would you our your clients certify them one by one? Are they much more picky with which dependencies they "take on"?
1 comments
Xylakant 531 days ago
Dependencies. Hard topic. The question is less about the numbers, but rather in the amount of code you pull in. In the end, every line needs to be certified. The team that wrote sudo-rs blogged about their approach here https://www.memorysafety.org/blog/reducing-dependencies-in-s...

Essentially, expand your use for initial development and whittle down later as much as possible.

That said, Tokio is not going to be a good certification candidate - but that’s a topic for a longer conversation. (TL;DR: The Tokio project has aims and goals that are good for their use, but problematic when it comes to writing safety certified software)

link
jdiez17 531 days ago
That makes a lot of sense, thanks!
link