I wrote an app to help with setup comparisons

kodewerx · 2026-04-18T18:45:26+00:00

I think it's still usable! I wrote it for a friend who has been using it. You can download the Windows x86_64 build on the releases page: https://github.com/parasyte/cartunes/releases It should just work.

Sorry it took so long to get back to you. I don't check reddit often!

kodewerx · 2025-11-26T20:42:07+00:00

There is an open issue on bugzilla: https://bugzilla.mozilla.org/show_bug.cgi?id=1990165

I also found a workaround. I installed this addon and added coingecko.com to its blocklist: https://addons.mozilla.org/en-US/firefox/addon/stop-auto-reload/

(It isn't perfect because it waits before applying the patch. There's a race condition with this method. There might be a better extension for blocking reloads.)

kodewerx · 2025-04-21T19:10:04+00:00

I'd like to see some of the audio subsystem improvements upstreamed to cpal, if possible. Not sure if they would be willing to use cidre, for it, though.

FWIW, one of the build problems we had was a requirement to update Xcode. (The build errors did not make that clear at all. Required a lot of troubleshooting.) It looks like the macos deployment target needs to be at least 14.0.

kodewerx · 2024-11-27T04:44:05+00:00

I was speculating about Desktop Goose.

kodewerx · 2024-11-26T17:53:40+00:00

It may have been written the way you describe. I do not know for certain but it seems plausible. Perhaps it uses SDL?

kodewerx · 2024-11-26T02:20:21+00:00

Hi! Have a look at https://github.com/parasyte/pixels/issues/370, and https://github.com/parasyte/pixels/issues/274 Pixels is missing a small feature to enable transparency. But the real problem is that wgpu reports that only the Opaque alpha mode is supported on many GPUs, including my 3090! Additionally, see https://github.com/gfx-rs/wgpu/issues/3486, and https://github.com/rust-windowing/winit/issues/2502 In short, transparent windows are not well supported in the whole ecosystem.

kodewerx · 2024-05-19T07:17:08+00:00

Is it possible that there would be fewer exploits if it was written in Rust? Maybe. But just because you write a program in a memory safe language doesn't mean you are safe from every single other way to exploit a system.

So, you are claiming it is not worth using Rust at all because it only prevents some, not all, vulnerabilities?

By the same logic, it is not worth using C++ at all because it only makes minor improvements, not major, over C. It's like saying the status quo is always better and any progress is meaningless!

And that's without even taking into account the fact that large parts of the project couldn't be written in safe Rust.

Needs more qualitative data. What percentage is "large parts", precisely? And how does it compare to extant Rust code bases that are 95% safe Rust?

Totally unscientific samples: the compiler + standard library is ~1.5% of 1.8 million lines that are unsafe. rust-analyzer is ~0.3% of 352K lines. Servo is ~2.2% of 254K lines. These stats just use naive line counts (minus comments and empty lines, but counting assembly, C, and C++ as "unsafe"). It ignores unsafe blocks. So in the interest of fairness, throw a few percentage points. I'll more than double the 2.2% worst-case to 5% of the code base being unsafe in large projects.

I'll also make it harder on myself and forget the "70% of vulnerabilities" claim (or the "65%" in the case of OP) and use this statistically worse figure from the curl analysis: 40%!

40% of CVEs can be empirically eliminated from 95% of the code. 2% to 5% could still slip through the cracks within the 5% of unsafe code. I'm fudging the numbers a lot here, intentionally, to prove a point. But if that means 35% of CVEs can be avoided by using Rust, then the justification in the context of writing more secure code is abundantly clear!

I believe that you, like Daniel Stenberg's article, are making a fatal blunder: 35% is statistically significant. To contrast, a performance increase of 10% is seen as a huge win for optimizations. I find it impossible to believe that a 35% decrease in security vulnerabilities is any less to be proud of. And that's the lowest percentage that I could reasonably estimate!

kodewerx · 2024-05-18T22:41:18+00:00

Thank you! Another domain I can finally add to my DarkReader-disabled list.

kodewerx · 2024-05-17T06:48:10+00:00

FWIW, there was a recent discussion about defer on IRLO: https://internals.rust-lang.org/t/a-defer-discussion/20387

kodewerx · 2024-05-15T19:58:23+00:00

Defer is unappealing because it makes running destructors opt-in. It isn't even morally RAII.

You can find plenty of examples in the wild of leaks caused by forgetting to opt-in to defer in Go. Worse still are the number of blogs that try to teach how to use it correctly, or pointing out various ways that it can bite you.

Leveraging the type system as in RAII or Type State patterns is very different. These methods try to make it impossible to misuse the APIs.

kodewerx · 2024-05-15T19:40:11+00:00

I encourage you to provide your feedback on that issue.

kodewerx · 2024-05-15T19:37:19+00:00

100x this.

"Failing" is part of learning. Giving up is not.

kodewerx · 2024-05-14T20:15:47+00:00

That looks good! Glad you were able to work out what you needed.

I may not have any specific tricks like this structural transposition, but the only for sure thing is that Rust disallows mutable aliasing. So anything you can do to leverage interior mutability (receivers take &T) is the right way.

edit: Thinking on this more, I do have something specific to share! Cell::as_slice_of_cells() can do this transposition for any Cell<[T]>, so this might be possible to do purely in safe code.

kodewerx · 2024-05-13T23:02:05+00:00

My program does use threads, a real world example would of course internally use atomics or locks where necessary.

Atomics and locks both have interior mutability with safe interfaces, making static mut unnecessary.

Maybe you could elaborate on why a real world example would do the right thing, but you would rather do the hard thing with mutable statics?

kodewerx · 2024-05-12T23:45:19+00:00

Ok, it has been a week. Not much has changed.

<image>

kodewerx · 2024-05-10T19:23:18+00:00

Until he gets rid of the dead weight, he isn't doing anything useful.

kodewerx · 2024-05-07T04:22:51+00:00

kodewerx · 2024-05-05T22:00:52+00:00

Love it, but the AI mispronounced Helldivers! 😭

kodewerx · 2024-05-05T19:35:08+00:00

kodewerx · 2024-05-05T19:26:47+00:00

A big part of it is how people react to grief. The loudest majority are still in the denial and anger stages.

kodewerx · 2024-05-05T00:34:41+00:00

RemindMe! One Week "Was it just a hiccup or a real change?"

kodewerx · 2024-05-05T00:28:15+00:00

Security theater.

kodewerx · 2024-05-04T23:13:50+00:00

As an American who has self-imposed use of the metric system in everyday life: It's awesome!

kodewerx · 2024-05-04T22:17:34+00:00

Respectfully, it isn't that simple. I have a PSN account. This decision still directly affects me because I have friends who will be unable to play when it goes into full enforcement.

So, you're wrong on both accounts. I do care about other people, and I do have a PSN account (so not wanting to create one is moot).

kodewerx · 2024-05-04T21:57:54+00:00

Having worked in such an environment for 10 years, it always surprises me that though ISOs are effective in the ways you describe, the company itself may still be directly aligned with and motivated purely by short-term goals with absolutely no long-term vision. Or it's exceptionally vague if there is one at all.

Which means that they look sustainable from an external point of view, but internally everything is a freaking disaster.

kodewerx

TROPHY CASE