Oddbean new post about | logout
 After experimenting with C++, I rejected it as combersome, slow to compile, and few benefits (such as golang and rust provide).  Rust is even slower to compile.

I stole some C++ concepts for C, using a nexted exception analog with try/catch macros and also swiped obstack from gnu compiler.  Thus most memory management is automatic with obstack freeing objects from more deeply nested levels.  Objects point to a class structure with function pointers for virtual methods.  Virtual method calls use do macros.  As in x = do(obj,parm1) or do2(obj,p1,p2).

Archive of sql implementation using that C style: https://github.com/sdgathman/btas/tree/master/sql

In contrast to nostr:nprofile1qy2hwumn8ghj7un9d3shjtnyv9kh2uewd9hj7qg3waehxw309ahx7um5wgh8w6twv5hsz9mhwden5te0wfjkccte9ehx7um5wghxyctwvshszythwden5te0dehhxarj9ekxzmny9uq3wamnwvaz7tmdd3jkkafwdehhxarjxyhxxmmd9uqsuamnwvaz7tmwdaejumr0dshsqgzvsqp90fvg4q5yn5zfs97zhk4dnp9jtfz6m8md44nwglfmgl3m9ucrxauz  , I consider the golang/npm/rust library repos dangerously fine grained.  Instead of a few dependencies with trusted maintainers, a golang project e.g. has hundreds of dependencies by little known individuals - any one of which could have (and has had) trojans built in.  And these contributors can artificially boost their reputation by e.g. [reputation farming](https://seclists.org/oss-sec/2024/q2/304).  

Large topical libraries like glibc or libsodium are much more manageable.  Golang projects are extremely cumbersome to build for projects like Fedora with reproducible builds.  To me, it is insane that people type 'go build' and get the latest code from random strangers on the internet integrated with their binary.  Now download all 200 dependencies, at least eyeball the code for all 200, try to check the reputation of a random sample of the 200 contributors, check the LICENSE of each dependency and compatibility with your license (and Fedora policy) - and THEN tell me how "easy" golang is.