• The Doctor
    link
    fedilink
    English
    187 months ago

    I wonder how many folks are just refusing to use Rust to spite the Rust Evangelism Strike Team.

        • @delirious_owl@discuss.online
          link
          fedilink
          57 months ago

          It doesn’t verify downloads are authentic. Its an issue with almost all programming dependency managers besides mature ones like Java’s Maven.

          Python has been working with Facebook to fix this in pip for like a decade.

          But obviously it shows that rust isn’t so concerned about security.

          • @uhN0id@programming.dev
            link
            fedilink
            37 months ago

            Ah interesting. Thank you, you’re giving me something to read about that I never considered for crates. I guess I just assumed because of the scrutiny Rust was built with and continues to go through that it would also apply to verifying crates. I have definitely heard about it with NPM so it should have been obvious that it might not be any different for crates. Thanks again!

    • swab148
      link
      fedilink
      17 months ago

      I wish there was a synonym for “evangelism” that began with a “u”.

      • Tlaloc_Temporal
        link
        fedilink
        37 months ago

        Urge? Kinda dark and villainous feeling.

        Upgrade! “The Rust Upgrade Strike Team! Upgrade Today!” Sounds very propagandistic, almost doublespeak.

        Ultimatum? Mildly threatening.

        Utopia? It has the self righteous feel.

        Uhvangelism, hurhur.

        Universalism?