Rust doesn't need this as much because it has enums so you can just do create_user(user, Role::Admin, Notify::None).
FizzyOrange
joined 2 years ago
Or just "slopping" maybe? "Stop slopping up code."
Yeah Ruby sucks but that was an interesting read, and the way they used Serde to decode Ruby values is a very clever trick!
Oh so... there actually aren't "so many other good tools out there that don't pull this kind of shit [have bugs]"...
Do you know of an alternative to VSCode that has no bugs? That would be amazing!
Tbh while DST (or just "testing" as hardware people would call it) is very obviously a great idea, I'm not sure it would have helped here - in order to detect these TOCTOU bugs you would need stimulus that triggers it and some kind of checker/model that has the correct behaviour.
That's totally possible but it's pretty hardcore testing for a software project and it's difficult to imagine doing that without realising that you have a TOCTOU issue just by inspection.
the researchers guided mythos to the vulnerabilities, not the other way around
I don't think that's true, based on what I read.
I haven't used Java for decades and never used .net so I'll take your word for those. Absolutely not for C++ though.
Go's standard library has:
- JSON, XML, etc.
- A web client and server
- Bigints
- Logging
- JPEG, PNG and GIF
- SQL client
- SSH client
- All the crypto algorithms
- Gzip, zlib, deflate, etc.
C++ has none of that. Hell C++ only got a function to check if a string starts with a prefix a few years ago.
I think the only mainstream language with a standard library that is both good and comprehensive is Go. All of the others either have smaller standard libraries (e.g. Rust) or poorly designed ones (Python).
view more: next ›
Yeah I do wonder if we need an easier way to declare these things because programmers are lazy and even in Rust I wouldn't always bother.
You can kind of do it in Typescript with strings:
But of course the downside is they are strings at runtime. I'm sure it's possible though.