Why does it matter if it’s written in Rust?
replies(5):
Today, we're excited to introduce Gosub, a new open-source browser engine that we are building from the ground up in Rust!
Gosub aims to be a modern, modular, and highly flexible browser engine. While still in the early development and experimentation phase, Gosub is shaping up nicely, and we’re looking to onboard more contributors to help us bring this project to life.
Some of the key highlights:
* Written in Rust: We're leveraging Rust's safety and performance features to create a robust and efficient engine.
* Modular Design: The project is organized around modules, allowing for clean separation of concerns and easier collaboration. It also allows us to easily swap components based on needs and allows more freedom for engine implementers in the future.
* Collaborative and open source: We’re building Gosub with the intention of making it approachable and open to contributions, aiming to create a project that's easier to understand and collaborate on compared to existing browsers.
With Gosub, we're aiming to build something more approachable that can evolve with the latest web technologies, all while being open to contributors from day one.
We’re looking for developers with or without experience in Rust. You just need to be interested in browser technologies. There are plenty of opportunities to work on core modules, document our progress, and help shape the project's direction.
We can already render simple pages, including the hackernews front page. However, to render most sites correctly, it is still a long journey, so come and join us!
You may as well ask "why does it matter if this bridge is made of iron".
Each material has its own qualities, which means its own pros and cons in a given context.
This naive belief that there will be one language to rule them all (and is name is <fill-in-the-blank> ignores history and the world outside of programming in a rather silly way.
I'd be fine with someone building a new browser out of stone, concrete, wood, or even rope.
Just don't build it out of C/C++ because those languages aren't memory safe.
There are risk-reduction strategies one can follow with C++, which offer some fraction of the reduction that Rust does (opinions vary on the value of the fraction). Rust enforces risk-reduction strategies, which in some contexts may be of value all by itself.
Language choice does not eliminate risks in software.
They don't really. It's been shown by many studies that 2/3 of security bugs are memory safety errors. That's the minimum that Rust can eliminate.
It actually should eliminate more because it also has the strong type system and tree-ownership style that help reduce the chance of logic bugs unrelated to memory safety too (similar to Haskell and other very strongly typed languages).
This is probably the biggest data set:
https://security.googleblog.com/2024/09/eliminating-memory-s...
Unfortunately they don't break out non-memory safety vulnerabilities, but they've almost eliminated memory safety vulnerabilities by writing new code in Rust.