Re: Hard Rust requirements from May onward

[Russ Allbery <rra@debian.org>]

Bjørn Mork <bjorn@mork.no> writes:

> We know what we have.  We also know that a "memory safe language" does
> not prevent bugs. Neither does a "stronger approach to unit
> testing".

Of course they do. Both of those techniques absolutely prevent bugs.

They don't prevent *all* bugs, because no possible technique prevents all
bugs. But both of those techniques are extremely effective at preventing
large classes of bugs.

> Rewriting code means adding new bugs, whether or not the tools catch
> some of them.

Yes. But if the tools are sufficiently better, it also means removing a
whole lot of bugs. The primary maintainer of the software is often in a
good position to know what the balance is likely to look like.

A new language dependency comes with some significant costs, and I
understand why people don't like those costs. Reasonable people can most
certainly disagree about the path forward.

But saying that adopting better tools necessarily means introducing more
bugs than it fixes is just silly. It's a context-dependent decision and
there are numerous examples of the opposite, particularly if the new tools
are used to rewrite a critical portion of the software that is known to be
flawed and has previously been a source of problems.

> BTW, reaching for "modern" means that you will never succeed.

Correct. Apart from trivial cases, software is never finished. "Success"
in that sense is not something that is possible; there will always be
something else to fix.

-- 
Russ Allbery (rra@debian.org)              <https://www.eyrie.org/~eagle/>