Difference is compiling an app from source for Android is not really feasible on Android devices, whereas doing so on macOS is literally built into the package managers for macOS and is generally pretty trivial beyond it taking more time.

Also, macOS doesn’t prevent you from running the apps entirely.

Yes, but you can still compile the code yourself. It’s only problematic for binary distribution. This is basically a question of balancing security vs. freedom I suppose.

By doing what homebrew currently does when you pass the --no-quarantine flag, which is call xattr.

Note that I’d probably support removing --no-quarantine if Apple’s notarization service was free.

Deprecating now will give a decent lead time for users using it to come up with another solution or adjust their workflows.

The adjusted solution/workflow: use something other than homebrew

Nah, it’s just that a whole lot of people, me included, are tired of foolish “but Rust is safe!!!1” propaganda-like shallow screams, like kids getting a new toy.

Okay, and I’m tired of seeing every Rust-related thread filled with random idiots shitting on Rust for no real reason (often unprompted, with no actual argument other than “hurr durr stupid cult of rust bad hurr durr why use rust when c do trick”) and then go on about how the brilliant, genius, enlightened C programmers will save us with their 3000 IQ brainpower and never make mistakes. It’s just tiring. Every Linux discussion about Rust, every discussion about some software being rewritten in Rust (even by the original developers), every discussion even tangentially related to Rust ends up like this.

Yeah, what I was saying was that rather than the basic take URL and just put the file on the filesystem use case (which is in the common case not that difficult with stuff like reqwest or hyper), the other use cases where you for instance use the library to process requests and their responses in non-default or potentially bizarre ways is more likely where there’d be an issue. When I said “extra processing” for requests, I was including for instance potentially dealing with TLS and interactions between underlying libraries and so on with all the various protocols curl supports.

Now that you mention it this does sound suspiciously like every Rust-related Phoronix comment section I’ve seen

Tbh that specific case probably wouldn’t be a big deal. It’s all the extra processing curl can do for http requests and the like that’d be more dangerous to rewrite I’d think.

> deliberately lies about content of article to shit on Rust
> gets called out
> “how dare you twist my words”

So fucking childish lol. Could have just used a real article about a Rust vuln like this one but whatever.

At this point I feel like anti-Rust people are more cult-like than any pro-Rust people I’ve met.

Wtf does this have to do with kid rock

As expected, these all sound like logic bugs.

Weren’t you the dude posting completely irrelevant articles? As I said before, no one reasonable thinks Rust programs won’t have bugs. Rust helps prevent a specific class of vulnerabilities. The rest is, as per usual, up to the programmer to avoid.

EDIT: I browsed your comments to verify. You were indeed the person posting the irrelevant articles about malware written in Rust being used to exploit other programs and using it to claim that software written in Rust was vulnerable.

911 please send help