https://github.com/ziglang/zig/pull/4929#issuecomment-649191... The bulk of the conversation happened in Discord around that time. Initial attempts to bring this up were met with "zig is perfect"-type conversation, none…
Only as safe as the creator decides. Andrew has shot down discussions about DOS vulnerabilities in the standard library and the cult-like discord community loves to dig on anyone who brings such things up. I will be…
Every time Zig is mentioned I always have to post a most-likely-downvoted warning: The creator of Zig has expressed some disregard toward proper security in the current prototypes. The standard library is riddled with…
I'm still miffed about Andrew's response to DOS vulnerabilities in the standard library. I know that Zig isn't at a v1 yet (or wasn't at the time, at least) but that's no excuse to shut down conversation about security.…
I don't see how those two things coincide at all. Further, your second statement is a strawman - for a project and community that touts being a serious replacement for C, there are indeed expectations about the security…
There is no excuse, in my opinion. The PR would have taken a step in a safer direction, even if the entirety of it is scrapped at a later date. It wouldn't have broken anything else in the codebase, and it was a…
They're fine if you don't bring up criticisms. God help your soul if you do.
See my other comment. It's more the fact Andrew stepped into the conversation himself and just said "be nice" instead of addressing security concerns, just fueling the flame war even more. A response to a security…
A regression appeared where members were accessible outside of their scopes even without the `pub` modifier. This took months to fix and the person bringing it up initially was yelled at about not understanding…
Zig has very little focus on safety and has had several regressions related to security and correctness, most of which Andrew has said he doesn't care about as much. This concerns me greatly. The discord community…
> his top priority is managing complexity and limiting surprise Zig doesn't do either of those things. There are a fair amount of criticisms of the mental model of the author that I've seen voiced - some including…
What a great comment. I'm sure it'll get flagged into oblivion, though - thus directly proving Dijkstra's point.
Because it makes you uncomfortable? Or because you have reason to believe otherwise?
https://github.com/ziglang/zig/pull/4929#issuecomment-649191... The bulk of the conversation happened in Discord around that time. Initial attempts to bring this up were met with "zig is perfect"-type conversation, none…
Only as safe as the creator decides. Andrew has shot down discussions about DOS vulnerabilities in the standard library and the cult-like discord community loves to dig on anyone who brings such things up. I will be…
Every time Zig is mentioned I always have to post a most-likely-downvoted warning: The creator of Zig has expressed some disregard toward proper security in the current prototypes. The standard library is riddled with…
I'm still miffed about Andrew's response to DOS vulnerabilities in the standard library. I know that Zig isn't at a v1 yet (or wasn't at the time, at least) but that's no excuse to shut down conversation about security.…
I don't see how those two things coincide at all. Further, your second statement is a strawman - for a project and community that touts being a serious replacement for C, there are indeed expectations about the security…
There is no excuse, in my opinion. The PR would have taken a step in a safer direction, even if the entirety of it is scrapped at a later date. It wouldn't have broken anything else in the codebase, and it was a…
They're fine if you don't bring up criticisms. God help your soul if you do.
See my other comment. It's more the fact Andrew stepped into the conversation himself and just said "be nice" instead of addressing security concerns, just fueling the flame war even more. A response to a security…
A regression appeared where members were accessible outside of their scopes even without the `pub` modifier. This took months to fix and the person bringing it up initially was yelled at about not understanding…
Zig has very little focus on safety and has had several regressions related to security and correctness, most of which Andrew has said he doesn't care about as much. This concerns me greatly. The discord community…
> his top priority is managing complexity and limiting surprise Zig doesn't do either of those things. There are a fair amount of criticisms of the mental model of the author that I've seen voiced - some including…
What a great comment. I'm sure it'll get flagged into oblivion, though - thus directly proving Dijkstra's point.
Because it makes you uncomfortable? Or because you have reason to believe otherwise?