'My work to promote language-level memory safety will continue unabated.'
If you didn’t see, a python crypto library (arguable, the python cryptography library) was updated to no longer use C and instead opt to use rust. This broke a lot of people’s CI pipelines, which seemed like a massively overblown problem (protip - you can update your CI runners to have rust support, it’ll work fine, trust me).
The thread is pretty funny and full of silly comments, some of which I’d like to highlight below.
"So the only "reason" for this change is to use a "actual safe language"? ...ahhh...yeah...
But blowing up systems with unnecessary software packages is a more secure way, that's for sure...
(my 2 ยข)"
https://github.com/pyca/cryptography/issues/5771#issuecomment-775019484
38 upvotes, 102 downvotes.
Some guys essay on why the maintainers hate their users:
Linux developers don't know all of their users. But they trie to care about all of them, whether they know them, or not. Linux developers care about their users. You don't.
https://github.com/pyca/cryptography/issues/5771#issuecomment-775520684
3 upvotes, 22 downvotes
Some guy laughing at nondeterministic build systems:
https://github.com/pyca/cryptography/issues/5771#issuecomment-775520897
Someone upset that cryptography don’t know their users:
@MrMino I did read the thread - the advice given here is passing the blame to someone else (in this case - users). Strongly echo what @ignaloidas has pointed out very well - You say you know who your users are. You don't
https://github.com/pyca/cryptography/issues/5771#issuecomment-775531858
Someone talking about writing secure C:
https://github.com/pyca/cryptography/issues/5771#issuecomment-775697527
Which is shortly countered by a usenix presenter attesting to the horrors of writing bad C:
https://github.com/pyca/cryptography/issues/5771#issuecomment-775971272
Someone being mean to a USENIX presenter on memory safety, calling it confirmation bias:
https://github.com/pyca/cryptography/issues/5771#issuecomment-775971272
In my opinion, the best line is the second last one in the entire issue:
My work to promote language-level memory safety will continue unabated.