It's not remotely the same type of error -- error non-handling is very visible in the Rust code, while the Lua code shows the happy path, with no indication that it could explode at runtime.
Perhaps it's the similar way of not testing the possible error path, which is an organizational problem.
> I think it was Snowden who made TLS the default.
Snowden's revelations were a convincing argument, but I would place more weight on Google in its "we are become Evil" phase (realistically, ever since they attained escape velocity to megacorphood and search monopoly status), who strove to amass all that juicy user data and not let the ISPs or whoever else have a peek, retaining exclusivity. A competition-thwarting move with nice side benefits, that is. That's not to say that ISPs would've known to use that data effectively, but somebody might, and why not eliminate a potential threat systemically if possible?
Reading this it seems to me that ISPs missed a trick by not offering privacy features. These features were already baked into mobile wireless it probably wouldn’t have been a huge big deal for them to provide it. That’s what happens when you treat your business as a source of rent
It will help that side of the process (although, as a sibling has noted, you can CNAME your way into a better-controlled update service), but the challenge of automating cert changes for various non-HTTP services, including various virtual or physical boxes with funky admin interfaces, remains. I don't expect that vendors will do much about that, and it will end up on admins' plates, as usual. There will be much grumbling, but fewer solutions.
There are quite many solutions. For very funky systems, you can use a cert tied to a private CA. Then you can control the cert lifetimes. Or place them behind a reverse proxy that is easier to control.
"Code frequency" for jxl-rs shows no activity from Aug 2021 to Aug 2024, then steady work with a couple of spurts. That's both a longer hiatus and a longer period of subsequent activity (a year+ ago isn't "recently" in my book.) What data have you based your observation on?
> On the SEU issue I’ll add in that even in LEO you can still get SEUs
As a sibling post noted, SEUs are possible all the way down to sea level. The recent Airbus mass intervention was essentially a fix for a badly handled SEU in a corner case.
> What has always baffled me is how CS uses the word "safety" where all other industries use "robustness".
FWIW "safety factors" are an important part of all kinds of engineering. The term is overloaded and more elusive in CS because of the protean qualities of algorithmic constructs, but that's another discussion.
> I wonder how long the open-source ecosystem will be able to resist this wave.
This PR was very successfully resisted: closed and locked without much reviewing. And with a lot of tolerance and patience from the developers, much more than I believe to be fruitful: the "author" is remarkably resistant to argument. So, I think that others can resist in the same way.
Successfully resisted, yes, but it also looks like a lot of actual human hours went into even replying to the PR in the first place. At what point do.l maintainers get overwhelmed with just politely rejecting PRs and throw their hands up because the time they allocated to the project they love has all been eaten up with rejecting slop?
> how hard is it to add a few methods that split a string or pad it?
In full generality, pretty hard. If you're just dealing with ASCII or Latin-1, no problem. Then add basic Unicode. Then combining characters. Then emojis. It won't be trivial anymore.
Full generality is not a practical target. You select your subset of the problem and you solve it. Supporting everything in a project is usually a fever dream.
Came online ~10 years ago. One could quibble about design and construction timelines; the reactor is still half-experimental, and the Russians are conducting that breeder program very slowly. But it's not a 1980s design frozen in time.
Perhaps it's the similar way of not testing the possible error path, which is an organizational problem.
reply