• apt_install_coffee@lemmy.ml
    link
    fedilink
    arrow-up
    7
    arrow-down
    1
    ·
    9 months ago

    The code used in cve-rs is not that complicated, and it’s not out of the realm of possibility that somebody would use lifetimes like this if they had just enough knowledge to be dangerous.

    I’m as much a rust evangelist as the next guy, but part of having excellent guard rails is loudly pointing out subtle breakages that can cause hard to diagnose issues.

    • TechNom (nobody)
      link
      fedilink
      English
      arrow-up
      1
      arrow-down
      2
      ·
      8 months ago

      If that’s so trivial to trigger, people would be doing so everywhere. Have you seen it in the wild or heard of anyone doing so?

        • TechNom (nobody)
          link
          fedilink
          English
          arrow-up
          1
          arrow-down
          1
          ·
          8 months ago

          So you’re just spouting some cooked up theory. Not a practical scenario.

          • apt_install_coffee@lemmy.ml
            link
            fedilink
            arrow-up
            1
            arrow-down
            1
            ·
            edit-2
            8 months ago

            No, I’m saying that when people run into strange bugs, sometimes they put together an issue (like the person behind cve-rs), and sometimes they quietly work around it because they’re busy.

            Seeing as I don’t often trawl through issues on the language git, neither really involve notifying me specifically.

            My lack of an anecdote does not equate to anecdotal evidence of no issue, just that I haven’t met every rust developer.

            • TechNom (nobody)
              link
              fedilink
              English
              arrow-up
              1
              ·
              8 months ago

              You don’t have any evidence, much less anecdotal evidence. Things don’t become true just because you insist.