[blub]

People are paid to work on standard libraries and there’s a whole process behind developing and releasing this software.

Tokio on the other hand is the library whose maintainer decided to download a binary blob during build: https://github.com/tokio-rs/prost/issues/562 https://github.com/tokio-rs/prost/issues/575

Good luck catching such issues across dozens of crates.

[simonask]

The issue you linked is a perfect example in support of my argument. Lots of people noticed the problem, and it was quickly rectified.