@jarkko On the other hand: Dependencies in C/C++ tend to be much bigger than those in Rust. Qt/boost/gnome/... all would be several times more dependencies in Rust. In fact every C lib is at least two dependencies in Rust: foo-sys and foo.
I find it hard to compare numbers here, the eco-systems are so very different.
I find it somewhat easy because the application category is well defined in my post:
@jarkko Fewer deps does not help with memory safety mid-term either: You simply can not code without fail. There is no way to be memory safe -- and to *stay* memory safe -- without good tooling.
And static analysis is more limited in C than it is in rust: Aliasing is the bane of analysis and rust just has much less of that going on.
@jarkko Yeap, gnome is a umbrella project. So is Qt and boost :-) Any library in there would be several crates. It's easy to create and use crates, so you get lots of them :-)
But yes, I do not trust random crates either:-) It is random code on the internet, conveniently packaged for reuse.
But then I do not trust random C libs I find on github either. Much less so random C apps: Code reuse happens by copy/paste and inlining code to avoid having a dependency -- which is hard!
@jarkko Both ELF and COFF are written to accommodate C... Rust has to jump through hoops to squeeze all the stuff it needs in (as does C++ and other languages).
That's where at least a part of the extra code comes from.
@jarkko Rust is build around local reasoning... I doubt that will be sacrificed for *any* feature. C has that too a much lesser degree (aliasing is part of that problem). At least academic papers about analysis (static and dynamic) I have seen recently seem to agree that analyzing rust is much easier due to its language design.
Most of the new rust stuff gets de-sugared down to existing HIR/MIR functionality, so complexity explosions is overrated I think ;-)
We will see what the future brings.
@jarkko You make a solid argument either way;-). I see the problem too, I just do not think C is that much better when you pull back the curtains. I found way too many copies of gzip in code bases for my liking 😉
"Sure, this code has no dependency -- just some random version of something with some patches on top copied straight into a folder a decade ago and not updated once since then."
Proper dependencies are way better than that IMHO. At least you can see the entire picture that way.
@jarkko I greatly dislike useless dependency explosion in the ecosystem.
e.g. Why does my project have to compile 10 different ways to print errors? Why do I need four different pretty-printing crates?
@jarkko Yeah, I'd rather do Java than C, but only barely. Java's big mistake was inheritance. I don't want to waste time clicking though ten levels and thirty pages of Oracle docs.
It's also quite competitive with lower-level languages—for example, an optimized program on GraalJVM (or whatever it's called) can often beat a naïve Rust program.
Rust's backend parallelism is superior to almost anyone else's, though. That's a huge win for the ecosystem. Plus, we have good SIMD wrappers.
@jarkko I think it's remarkable (in a good way) that we're in a place where languages like Rust *and* radical improvements to time-tested C toolchains BOTH happen.