not changing working code to prevent issues is unsafe.
we can go in circles all day with blanket statements that are all true. but we have ample evidence that even if we think some real-world C code is safe, it is often not because humans are extremely bad at writing safe C.
sometimes it's worth preventing that more strongly, sometimes it's not, evidently they think that software that a truly gigantic amount of humans and machines use is an area where it's worth the cost.
I honestly can't tell if this is meant as a serious reply to my question (in that case: let's say I agree that Rust is 100% better than C; my question still stands) or as a way to mock Rust people's eagerness to rewrite everything in Rust (in that case: are you sure this is the reason behind this? They are not rewriting Git from scratch...)
conradev|5 months ago
Groxx|5 months ago
striking|5 months ago
And if it's well-tested, maybe that condition is achieved by the use of a test suite which could verify the changes are safe too?
IshKebab|5 months ago
gre|5 months ago
yencabulator|5 months ago
sebtron|5 months ago
jcrben|5 months ago
This is one of the best reasons to rewrite software in Rust or any other more safe by default language.
EverydayBalloon|5 months ago
[deleted]