onlinepersona@programming.dev to

Rust@programming.devEnglish · 1 year ago

Could rust do with a crates.io alternative?

55

Could rust do with a crates.io alternative?

onlinepersona@programming.dev to

Rust@programming.devEnglish · 1 year ago

To me, the two major problems are:

no namespaces

Someone uploads “serde2”? that’s blocked forever. Someone uploads a typo version of a popular package? Too bad for you, learn how to type.

the github connection

If you want to contribute to crates.io you’re bound to github. No gitlab, codeberg, gitee, sourcehut, etc.

Not sure if there are any other problems, but those two seem like the biggest things and #1 is AFAIK not something they ever want to change + it would be difficult to as one would need a migration strategy.

Chat

onlinepersona@programming.devOP
link
fedilink
English
arrow-up
4·
1 year ago

It it does fuck all for type squatting. Sure, now I’m safe from getting malicious code by doing tokio/tokiu-http, but tokiu/tokio-http can still be malicious!

You are indeed correct. I hadn’t considered that!

The checksum idea might work 🤔 That definitely could be possible with the new registry.

Rust@programming.dev

rust@programming.dev

You are not logged in. However you can subscribe from another Fediverse account, for example Lemmy or Mastodon. To do this, paste the following into the search field of your instance: !rust@programming.dev

Welcome to the Rust community! This is a place to discuss about the Rust programming language.

Wormhole

!performance@programming.dev

Credits

The icon is a modified version of the official rust logo (changing the colors to a gradient and black background)

Visibility: Public

This community can be federated to other instances and be posted/commented in by their users.

1 user / day
56 users / week
618 users / month
1.8K users / 6 months
1 local subscriber
5.94K subscribers
807 Posts
3.64K Comments
Modlog