Re: Hard Rust requirements from May onward

To: debian-devel@lists.debian.org
Subject: Re: Hard Rust requirements from May onward
From: Simon Richter <sjr@debian.org>
Date: Tue, 4 Nov 2025 20:01:53 +0900
Message-id: <[🔎] 8e25051b-3219-42f0-a6fe-e44bb63ccdc1@debian.org>
In-reply-to: <[🔎] aQnWVFcGRWlwaKfa@localhost>
References: <20251031213541.GA73786@debian.org> <[🔎] 87frawljrt.fsf@ganneff.de> <[🔎] aQkl0qyIyJ5+y5lC@localhost> <[🔎] 8497977946464c9144055f3bda6eef73aa4ab95e.camel@debian.org> <[🔎] aQnWVFcGRWlwaKfa@localhost>

Hi,

On 11/4/25 7:32 PM, Adrian Bunk wrote:

The main selling point of Rust is that it avoids some classes of
vulnerabilities at the language level, but we are not setup to
automatically detect and handle it when published CVEs might
affect Rust programs like sqv.

I think we need to create infrastructure for that anyway -- there's lotsof C++ programs with similarly sloppy dependency management now,especially anything using dear imgui and shipping twenty copies of stb-- in that ecosystem it is completely normal to ship a library as sourcecode that needs to be compiled with a configuration header on theinclude path, and Rust code is refreshingly sensible compared to that.


   Simon

Reply to:

Follow-Ups:
- Re: Hard Rust requirements from May onward
  - From: Adrian Bunk <bunk@debian.org>

References:
- Re: Hard Rust requirements from May onward
  - From: Joerg Jaspert <joerg@debian.org>
- Re: Hard Rust requirements from May onward
  - From: Adrian Bunk <bunk@debian.org>
- Re: Hard Rust requirements from May onward
  - From: Ansgar 🙀 <ansgar@debian.org>
- Re: Hard Rust requirements from May onward
  - From: Adrian Bunk <bunk@debian.org>

Prev by Date: Re: Hard Rust requirements from May onward
Next by Date: Bug#1120047: ITP: plus42 -- advanced scientific calculator based on the HP-42S
Previous by thread: Re: Hard Rust requirements from May onward
Next by thread: Re: Hard Rust requirements from May onward
Index(es):
- Date
- Thread