by chrisrohlf 4399 days ago
20+ years of insecure code resulting in remote code execution vulnerabilities, lack of authentication and integrity, authorization bypasses and more. Yet a simple out-of-bounds read becomes the straw that breaks the camel's back. Don't mistake my comment for criticism, I'm happy to see projects like this and non-security-focused developers pay attention to such issues. But if you've spent more than 2 minutes in the security industry you'd be pulling your hair out at this point too.
1 comment

Not sure if I understand your comment correctly, but I'd say that Heartbleed got noticed simply because it's a vulnerability that (1) affected a very large number of computers (the servers and consequently all the clients who connect to them) and (2) could have very bad consequences (TLS is one of the backbones of the internet).

Regarding this project, I know there are tools that help mitigate such issues, but unfortunately there isn't a single mainstream language that would really support this. I wanted such a language for a long time, so I (finally) decided to experiment with making one.