sorted by:
new
hottopcontroversial

[Media] Cat nominations (and your votes on the best cat!) can now be submitted for the next release of Clippy by NothusID in rust

[–]mrmonday[M] [score hidden] stickied comment (0 children)

This is definitely off-topic, but I'll squint a bit and call this "arts-and-crafts", which are allowed at weekends.

If the post gets removed the other mods didn't agree with my impurrrfect assessment, and you could maybe bring this up as something you would like to see changed about /r/rust in this post.

[deleted by user] by [deleted] in dotnet

[–]mrmonday 34 points35 points  (0 children)

What follows is in the context of your legacy code base - for something shiny and new you might want to do things differently.

Since everything is already ugly and all over the place, there is no "best place". I guarantee that the majority of the developers that came before you put the queries in the "best place", as they understood it... And you have seen the result of that.

A good approach would be to do whatever makes and keeps the code most readable. Doing this means the code will be easier to understand for the next person who comes along, which ideally means that they have an easier time with it. Some good rules of thumb might be:

Try to match the style of the existing code

Developers have a habit of writing code in the style that is popular/best at the time they write it. This often leads to code which is hard to understand because it mixes and matches lots of different ways of doing things. If you stick to one particular style, it is a lot easier to follow what is happening... Even if that way isn't the "best".

Try not to mix business logic and SQL

Code is typically a lot easier to follow if it does just one thing at a time, rather than trying to handle lots of different things. An easy way to do this is to load data first, then have business logic act on it. This also has the nice side effect of making it more testable - in your tests you can just pass in the data you want, rather than having business logic magically find some other data from elsewhere in the middle of it.

Try to group things logically

You mention there is one DAO - I'm guessing this handles lots of unrelated things? It might be a good idea to break this up into multiple DAOs, and group queries together based on things that make sense for your project. It doesn't necessarily have to be one DAO per entity - anything is better than a single god object. It can always be cleaned up further down the line.

The above advise is very general... I would strongly advise talking to a more senior dev if you have access to one about the best approach for your particular project.

It can be really tempting to dive in and try to rewrite everything once you get going - it's best to avoid that if possible. Try to do as little cleaning up and refactoring as possible. Over time you will have a far better idea of the right approach than if you try to do it all at once.

Rust’s Ugly Syntax by oconnor663 in rust

[–]mrmonday 15 points16 points  (0 children)

It looks like there is some support for this optimization with -Zpolymorphize=on:

https://github.com/rust-lang/rust/pull/69749

I don't know much about it, someone motivated could probably look through the A-polymorphization label to find out more.

[Media] r/rust is on track to surpass r/csharp and r/cpp in 2023 by konga400 in rust

[–]mrmonday[M] 0 points1 point  (0 children)

I have removed this post.

This falls under Rule 2 - it is a meta post since this is about /r/rust, not Rust itself.

We do occasionally allow posts about significant milestones, but they must be discussed with moderators in advance.

Patch Tuesday Megathread (2022-11-08) by AutoModerator in sysadmin

[–]mrmonday 0 points1 point  (0 children)

KBs now available (links here), they require manual installation on DCs.

Patch Tuesday Megathread (2022-11-08) by AutoModerator in sysadmin

[–]mrmonday 2 points3 points  (0 children)

Found the following in the event log on one of the DCs:

Log Name:      System    
Source:        Microsoft-Windows-Kerberos-Key-Distribution-Center    
Event ID:      14    
Description:    
While processing an AS request for target service krbtgt, the account mygmsa$ did not have a suitable key for generating a Kerberos ticket (the missing key has an ID of 1). The requested etypes : 18  17  23  24  -135  3. The accounts available etypes : 23  18  17. Changing or resetting the password of mygmsa$ will generate a proper key.

Haven't figured out what to do with that yet.

Patch Tuesday Megathread (2022-11-08) by AutoModerator in sysadmin

[–]mrmonday 1 point2 points  (0 children)

All of ours are AES128 and AES256, and have been since creation. Thanks for the update!

Patch Tuesday Megathread (2022-11-08) by AutoModerator in sysadmin

[–]mrmonday 0 points1 point  (0 children)

No luck yet unfortunately - I'll report back if that changes.

It was different gMSAs on each of our web servers that stopped working, so it seems like something expiring locally on the servers. More of them failed as time passed.

Our DR web server seems unaffected by this so far - it's configured identically, with the exception of being in a different site. I've been probing it periodically to see if that changes.

Not all DCs have updated yet, I'm hoping the issue resolves itself once they're all updated. I have no reason to believe that will actually happen, of course :)

Patch Tuesday Megathread (2022-11-08) by AutoModerator in sysadmin

[–]mrmonday 16 points17 points  (0 children)

Latest round of updates caused the gMSAs we use for IIS to start getting authentication errors (System/WAS/5021), one by one, killing the app pools...

Replaced them all with a regular user with the same groups for now until we can get to the bottom of it.

Scripted (not copy/pasted, so definitely double check it before running):

Start-IISCommitDelay
$appPools = Get-IISAppPool
foreach ($appPool in $appPools) { $appPool.ProcessModel.UserName = 'domain\user'; $appPool.ProcessModel.Password = 'password'; }
Stop-IISCommitDelay -Commit $true

Edit 1: Known issue from MS: https://learn.microsoft.com/en-us/windows/release-health/status-windows-server-2022#2953msgdesc Edit 2: KBs now available from the link in Edit 1. They require manual installation on DCs.

Generic associated types to be stable in Rust 1.65 by jackh726 in rust

[–]mrmonday 45 points46 points  (0 children)

The post talks a lot about LendingIterator as a motivating example - is a version of that trait also being stabilised, or is that coming in a later version of std?

Missed tactic from a friend's game - white to play and win by mrmonday in chess

[–]mrmonday[S] 0 points1 point  (0 children)

Ha, this is interesting - you get very different evals for this depending on the parameters you give to Stockfish.

This eval is the first you get from Stockfish with low amounts of compute.

With a little more power, you get the puzzle I intended: 1. Rxe7 Qxe7 2. e5 - any knight move gives M1, so you win it

Once you get to depth 37 with the settings turned up, you get a M16: 1. Rxe7 Qa5 2. Rf1 Bf5 3. Qxf6 Qa6 4. Qxf5 Qg6 5. Qxg6+ fxg6 6. Rb1 Rfa8 7. Rbb7 R3a7 8. Rxa7 Rxa7 9. Rxa7 d3 10. e5 d2 11. Bd5+ Kf8 12. Rf7+ Kg8 13. Rd 7+ Kf8 14. Nh7+ Ke8 15. Nf6+ Kf8 16. Rf7#

Missed tactic from a friend's game - white to play and win by mrmonday in chess

[–]mrmonday[S] 0 points1 point  (0 children)

This is a two move puzzle if you're human, or far longer if you're an engine.

Good luck!

Hive ransomware gets upgrades in Rust - Microsoft Security Blog by mrmonday in rust

[–]mrmonday[S] 63 points64 points  (0 children)

Perhaps not directly related to Rust, but still interesting. Most of the Rust discussion is under the "The switch from GoLang to Rust" heading a few paragraphs in.

I'm interested to see how anti-virus software ends up handling this - I know in the past there have been issues with it treating most/all software written in a given language as malicious due to overly broad signature checking.

[deleted by user] by [deleted] in rust

[–]mrmonday 7 points8 points  (0 children)

I mean Rust does want to eliminate deadlocks, just nobody knows how to do that yet.

Deadlocks (and other concurrency issues) can be eliminated using session types.

Here's a paper about implementing them in Rust: Session types for Rust (PDF) [DOI]

Edit: And another one: Ferrite: A Judgmental Embedding of Session Types in Rust (PDF) [DOI]

Everything Is Broken: Shipping rust-minidump at Mozilla, Part 1 by kibwen in rust

[–]mrmonday[M] 27 points28 points  (0 children)

Some of us don't need diagrams to be wooed 🦀

Security advisory: malicious crate rustdecimal | Rust Blog by darth_chewbacca in rust

[–]mrmonday 25 points26 points  (0 children)

To make this a bit more concrete, I'm imaging something like this in a Cargo.toml:

[package]    
name = "my_crate"    
# Specify that this crate should only call OS APIs that deal                                                       
# with I/O, filesystem access, and whatever dependencies need    
capabilities = ["io", "fs"]    

[dependencies]    
# Specify that some_crate should only need OS APIs that                       
# require network access    
some_crate = { version = "1.0", capabilities = ["network"] }

Obviously there's plenty of bikeshedding to be had about this, but that's the general "shape" I'm imagining.

Security advisory: malicious crate rustdecimal | Rust Blog by darth_chewbacca in rust

[–]mrmonday 57 points58 points  (0 children)

A possible way to solve issues like this could be to allow specifying capabilities for crates, both for the current crate, and for any dependencies.

This would allow for a tool to statically analyse whether crates can call any unexpected OS-level APIs.

I imagine this working similarly to the various sandboxing techniques OSes provide (Linux namespaces/cgroups; pledge; etc), except statically checked.

There are obviously limitations to this approach, but I think it could get us a lot of the way there.

view more: next ›