[pxc]

Edit: I misremembered a Rust crates capability (pre- and post-install hooks), so my comment was useless and misleading.

[TheDong]

Rust crates run arbitrary code more often at build/install time than npm packages do.

Some people use 'pnpm', which only runs installScripts for a whitelisted subset of packages, so an appreciable fraction of the npm ecosystem (those that don't use npm or yarn, but pnpm) do not run scripts by default.

Cargo compiles and runs `build.rs` for all dependencies, and there's no real alternative which doesn't.

[steveklabnik]

Rust crates can run arbitrary code at build time: https://doc.rust-lang.org/cargo/reference/build-scripts.html

[rafram]

> Build scripts communicate with Cargo by printing to stdout.

Oh lord.

[ComputerGuru]

Wrote an entire crate to clean up that mess (and provide traditional autoconf-ish features for build.rs): https://crates.io/crates/rsconf

[pxc]

Geez, thank you.

[nasso_dev]

Aren't procedural macros amd build.rs arbitrary code being executed at build time?

[tuetuopay]

Pretty much, yes. And they don’t have much as far as isolation goes. It’s a bit frightening honestly.

It does unlock some interesting things to be sure, like sqlx’ macros that check the query at compile time by connecting to the database and checking the query against it. If this sounds like the compiler connecting to a database, well, it’s because it is.