- cross-posted to:
- technologie@jlai.lu
- programming@programming.dev
- linux@lemmy.world
- cross-posted to:
- technologie@jlai.lu
- programming@programming.dev
- linux@lemmy.world
Exiting news for the lady bird browser. https://ladybird.org/
Exiting news for the lady bird browser. https://ladybird.org/
I was wondering why it was written in C++, but the FAQ already beat me to it.
Glad to see they are open to using safer languages. C/C++ was great for its time, but we really need to move on from them.
As someone who has done no programming since taking C++ in high school more than 20 years ago, what do you mean by safer language?
C and C++ require more manual management of memory, and their compilers are unable to let you know about a lot of cases where you’re managing memory improperly. This often causes bugs, memory leaks, and security issues.
Safer languages manage the memory for you, or at least are able to track memory usage to ensure you don’t run into problems. Rust is the poster boy for this lately; if you’re writing code that has potential issues with memory management, the compiler will consider that an error unless you specifically mark that section of code as unsafe.
I’m not sure why people keep pushing that myth on C++. It’s been a decade we have smart pointers. There’s no memory management to be done ever.
Using the old ‘new’ is like typing ‘unsafe’ in rust. Even arrays/vectors have safe accessor.
Am I missing something?
It’s been almost a decade since I used C++ and had to verify, but after some quick searching around it looks like it hasn’t changed a ton since I last looked at it.
You can use smart pointers, and certainly you should, but it’s a whole extra thing tacked on to the language and the compiler doesn’t consider it an issue if you don’t use them. Using new in C++ isn’t like using unsafe in rust; in rust your code is almost certainly safe unless marked otherwise, whereas in C++ it may or may not be managed properly unless you explicitly mark a pointer as smart.
For your own code in new codebases this is probably fine. You can just always make your pointers smart. When you’re relying on code from other people, some of which has been around for many years and has been written by people you’ve never heard of, it becomes harder to be sure everything is being done properly at every point, and that’s where many of these issues come into play.
The part you’re missing is that while C++ does have newer safer ways of doing memory management, all the old ways are still present, in wide use, and are easier. Basically, C++ makes it easy to do the wrong thing and hard to do the right thing, and most codebases are built around the wrong things. It’s often easier to just rewrite it in rust than it is to refactor an existing code base, so if you’re going to expend that effort why not do it in a language that has stronger safety guarantees, a better dependency and build management system, and a growing community?
Thank you!
google rust language
Holy borrow checker
new 'a just dropped
For memory of a lifetime
Go and Rust mostly
Hard disagree. Safe C++ code can be written quite easily these days. And better tools are coming out all the time.
Yes, but there’s a difference between “you can write safe code” and “the compiler will come for your family the next time you make a mistake”
rust isn’t a magic bullet either, it still doesn’t protect against a whole host of problems, like stack overflows, out of memory/bitflips, logic errors, memory leaks, unrecoverable errors/panics etc., and many projects are full of unsafe context rust code anyways.
That cannot be true, i used
#![forbid(unsafe_code)]
Jokes aside: yes, Rust (and Go) wont magically resolve SQL Injections, but if we remember that about 70% of bugs are related to memory safety, using Rust (or Go) will make your code at least somewhat safer
And C++, just checked the wiki and the 2 example of openssh’s heartbleed and sudo, both in C. Not C++. As expected.
By that logic scratch would be the safest language out there (or can you tell me the last time a program written/built in scratch had a bug that affected millions of ppl around the world)
I wish it was not C++ but their implementation is quite interesting. Not only is it modern but they wrote their own standard library including error handling right down to the main function. It is quite nice for C++.
All that came from SerenityOS. I hope they do not lose too much of it with the split. I mean, the Ladybird Project Leader authored most of it ( their C++ framework ) so it will probably stick. Harder to do when you start using other libraries though.