RetroTechie
2 days ago
There's so much good stuff in this post.
Can't help to think of a recent HN post about most AI-generated projects being abandoned within months. Why?
Because value of a project is not in the code produced. It's in the amount of battle-testing that code has seen.
Battle-tested, mature code > fresh rewrite.
Existing Zig codebase has seen X amount of battle-testing. Rust rewrite: 0 (except -I'm assuming- passing test suites). Also:
"this was a port to unsafe Rust, allowing a literal file-by-file migration to minimize risk"
How is that better than the Zig codebase you started with?
Now if that's further migrated to safe Rust, put into production & gathered feedback from lots of users, yes then you have something. As it is, the impressive bit is do such a big rewrite & result seems to work ok. Are Bun users happy with this?
To me it reads like Bun was forked. Will the Zig version survive? Will the Rust one? Both? All options ok.
Edit: and fwiw, I don't think Zig community should get triggered on any of this. It says nothing about how suitable Zig is or isn't for project xyz, and Zig community is big enough to carry their own project & applications besides Bun.
sph
2 days ago
They get abandoned because they get generated on a whim.
Sunk cost fallacy can be a feature: if you have spent a lot of blood, sweat, and tears on a project, you are more likely to push it through adversity and the doldrums that inevitably one will encounter. If all it took was one of those momentarily brilliant ideas and a prompt on Claude to produce something, there is no attachment whatsoever to it.
Speaking as the ‘average programmer’, I have dozens of brilliant ideas per day that don’t stand the test of time or scrutiny, and the very few that pass the filter don’t seem that interesting days later, or worth the effort at all.
Ideas have always been cheap. Now, proof of concepts have become as cheap. I don’t care about your Show HN unless you have spent a month on it.
TeriyakiBomb
2 days ago
A drum I've been banging increasingly often recently is that having friction and time to work ideas over in your mind adds huge amounts of value. Vibe coded projects have this very specific, well, vibe to them where you can clearly see that the lack of time to digest has allowed the person to not challenge their own worst impulses. You can see it in the feature bloat, the lack of depth and polish in core features and the wild asides you tend to talk yourself out of still on display.
mech998877
2 days ago
I disagree with this, and I've been spending time thinking about it because some of my friends had a similar conversation.
The friction itself does not add value. The time spent thinking on the problem does. Friction should be minimized beyond the absolute bare minimum. Programming is a discipline where your workstation is already streamlined, and it is easy to forget where the friction is. Programming is done in a world of pure though, in a sense, so most of the friction already lives in your head, and it is difficult to distinguish effort wasted fighting friction from effort making real progress.
Consider the Wright brothers. They worked iteratively. When they wanted to design an airplane they moved from Ohio to a windy place with lots of loose sand (NC outer banks). Why? So that they could do test runs with good wind conditions (for an airplane that is barely able to fly this matters a lot) and crash with the least amount of damage. They rebuilt the airplane dozens and dozens of times and had a workshop tuned to their needs on location. They reduced friction wherever they could so that they got the most work done that they could with the least amount of distraction.
fluoridation
2 days ago
>Programming is done in a world of pure though, in a sense, so most of the friction already lives in your head
It seems that way, but that's not actually true. A fully greased-up brain would produce just incoherent nonsense decoupled from reality, because it would lack all constraints that would allow it to judge the value of an idea (i.e. how possible and useful it would be to implement in the real world). The friction comes from fitting your ideas into the real world.
>They reduced friction wherever they could so that they got the most work done that they could with the least amount of distraction.
They reduced unnecessary friction. They could have eliminated all friction by imagining a teleporter machine that can send you anywhere instantly and that runs on the hopes of children. But they still wanted the friction of unsuccessful attempts so they could actually build a plane that worked.
mech998877
2 days ago
Your concluding example doesn't make sense to me but I think that it's because we have different definitions for what friction means here. It's also kind of hard to define in context.
I would say that, within the Wright Brothers example, working with a battered, worn-out screwdriver is an example of friction (or, perhaps having to use a bit and brace instead of a power drill), but the act of building a new unsuccessful airplane iteration is not friction. Every build is asking physics for feedback on the design; every airplane build is just the same as running your code through the compiler. I wish I had a good word to distinguish this from friction. The closest thing I can imagine is how waste is defined in Lean Manufacturing, but keeping in mind that what you are manufacturing is Ideas and Software.
fluoridation
2 days ago
It sounds like you're not disagreeing with what the other person was saying then, you're just disagreeing with their application of the word "friction". I don't think it makes much sense to argue about the precise definition of a metaphor.
TeriyakiBomb
2 days ago
Didn't see this reply before adding my own. Yes, I think we're in agreement.
mech998877
2 days ago
fair enough. I'm probably still in disagreement with the friends I mentioned earlier!
user
2 days ago
edude03
2 days ago
I liken it to dieting. If your only goal is to be certain weight, then learning how to cook, learning how to portion, learning to make a meal plan, learning about macro nutrients is all "friction" now that we have GLPs. And maybe using a meal prep service reduces some "unnecessary friction" but you still would have to learn a bunch of useful skills along the way.
Concretely, If your only goal is to produce "software" then learning about design, planning, project management, testing etc is all unnecessary friction when you can just ask an LLM to "make it so"
overgard
2 days ago
Nitpick, but this is misunderstanding GLPs (I'm on them). If you don't change your diet and your habits, yeah, you'll temporarily lose weight but it'll come right back when you're off it AND you'll lose a lot of muscle. You kinda still need to do "the right things", it's not a magic cure all. (Of course, same thing can be said of AI).
theshrike79
17 hours ago
GLP's don't make you lose muscle. Losing weight without exercising does.
You'll get the exact same muscle loss with a CICO calculation weight loss.
edude03
2 days ago
A fair callout, though yes it was supposed to be a simplified analogy. I think you got it exactly right though that its temporary in the same that I'd argue the benefits of using AI are temporary
overgard
2 days ago
I definitely agree with your overall point, just wanted to correct that one thing.
Cyberdog
2 days ago
As someone who has been losing weight over the past year, the cost of GLP1s is and was a greater point of friction to me compared to just eating less garbage.
TeriyakiBomb
2 days ago
I think this is just my choice of wording, friction as a means of slowing down and thinking something through is useful. Friction isn't just a roadblock. For all the times you want to do something exotic, throw an hour or two at it and in the process realise it was a bad idea and a more elegant idea emerges. That, that's the kind of useful friction I mean.
But overall yes, time spent thinking is the thing that matters.
It's less "there should be more friction" and more "LLMs remove too much". Instant gratification is great if you're a consumer, awful if you're a creator.
panarky
2 days ago
> The friction itself does not add value
Exactly. I don't have to write binary machine code directly, every zero and one artisanally crafted by hand, to have thought deeply for years about a how to solve a problem.
In fact, choosing the right level of abstraction is essential to my ability to solve the problem.
For most problems, the friction of writing binary code by hand is the wrong level.
And we're discovering that many important problems can be solved faster and with greater quality than can be achieved by dogmatically hand-writing every line of source code just for the friction.
crowdhailer
2 days ago
I think that friction of feedback and friction of construction are two different things. Having lots of tokens to build things doesn't mean you have more feedback. I'm a bun user I like it. I can't really comment from my use on what the Zig vs Rust rewrite means to me.
sph
2 days ago
Yes, there is a widespread belief in tech that 'removing friction' is a good direction to aim for. But you can have too little friction that completely ruins a product and the user experience.
In game design friction very important; remove all friction and you don't even have a game any more, you might as well show the You Win screen. My favourite metaphor for it is sex: there is no sex without friction.
What LLM have done is massively reduce the friction of intellectual effort, completely devaluing most expressions of it.
bayindirh
2 days ago
You can't build muscle without resistance, you can't cook ideas without friction.
Both needs heat.
pmg101
2 days ago
If you wanna travel faster you can build muscle, or you can just get in a car.
kentm
2 days ago
You have to get licensed to drive a car and there are rules. If you are caught breaking the rules you can be fined (or jailed if your rule breaking harms others enough). In extreme cases of rule breaking you can lose permission to drive the car.
This is all friction that is intended to make car-driving work at scale.
LogicFailsMe
2 days ago
Zero Player Games and Cow Clicker calling...
There really, truly, absolutely, 100% is no accounting for taste...
zem
2 days ago
brings back fond memories of idlerpg
quirkot
2 days ago
In terms of removing friction, I think of moving a boulder. Wheels = good. Ice slide = bad
TeriyakiBomb
2 days ago
I don't think it inherently devalues it. But the mediocre baseline for it and how much it entices you to allow it to just spit out that mediocrity takes discipline I don't think everyone has. I've seen some lean in and keep their heads just fine. I've seen others lean in and become disillusioned.
Worst of all I've seen good engineers lean in and begin thinking uncritically and magically.
icodar
2 days ago
Some friction can be painful. It's not always beneficial.
deaux
2 days ago
Yes and no.
Let's first settle on the definition of vibecoding so that we're not miscommunicating over definitions. I'm using the one that seems the median definition nowadays: >95% of the code written by LLMs, <60% of the output code human-reviewed, meaning there's a large part of the codebase that no human ever reviews.
As you said it's about time invested in thinking about it, yes. But remember that even pre-AI >90% of software got never used, it was dead on arrival. Look up "success rate of software projects in business".
You can put lots of time into thinking and vibecode everything. You can put very little time into thinking and write by hand. Of course, vibecoding makes the former much more likely. But nothing about it is inherent to it.
foobarchu
2 days ago
I hate to be the guy arguing semantics, but is that the median definition? Everyone I know defines vibe coding as ignoring the actual output code completely and evaluating the result by how it behaves under test. Non-coders vibe code by default, because they don't understand how to read the code in the first place. Developers vibe code when they just trust the LLM to have been right about the behavior they don't explicitly test for. Vibe coding is the act of ignoring most possible friction, for better or worse.
deaux
2 days ago
It is. There are many people on here who think of having any LLM generated, never-human-reviewed code in the codebase, as vibecoding. There are also people like you, who believe it's about completely ignoring it, and even human-reviewing 10% of the code means it's not vibecoding. The median definition, at least on here, is somewhere in the middle, around "a large portion of the code is never looked at by a human".
ramses0
2 days ago
nivethan
2 days ago
thanks for that link, I've thought that friction was helpful but this gives me a word and a concept to look at.
zogrodea
an hour ago
Happy to learn about the concept today. It resonates with me.
I sometimes think of something Kant wrote, about how friction (hardship, etc.) elevates us.
In Kant's own words:
"Without those in themselves unamiable characteristics of unsociability from whence opposition springs-characteristics each man must find in his own selfish pretensions-all talents would remain hidden, unborn in an Arcadian shepherd’s life, with all its concord, contentment, and mutual affection. Men, good-natured as the sheep they herd, would hardly reach a higher worth than their beasts; they would not fill the empty place in creation by achieving their end, which is rational nature. Thanks be to Nature, then, for the incompatibility, for heartless competitive vanity, for the insatiable desire to possess and to rule! Without them, all the excellent natural capacities of humanity would forever sleep, undeveloped. Man wishes concord; but Nature knows better what is good for the race; she wills discord. He wishes to live comfortably and pleasantly; Nature wills that he should be plunged from sloth and passive contentment into labor and trouble, in order that he may find means of extricating himself from them. The natural urges to this, the sources of unsociableness and mutual opposition from which so many evils arise, drive men to new exertions of their forces and thus to the manifold development of their capacities. They thereby perhaps show the ordering of a wise Creator and not the hand of an evil spirit, who bungled in his great work or spoiled it out of envy."
See the section titled "FOURTH THESIS" at the following link if interested.
https://en.wikisource.org/wiki/Idea_for_a_Universal_History_...
samspot
21 hours ago
Alternatively, you can easily add the bloat, discover if it has real value, and then strip it without the bad feeling of having sunk countless hours creating it. Vibe coding is excellent for making the first prototype to throw away.
ultimafan
2 days ago
I agree with this wholeheartedly, it's harder to notice this in a field you are a professional in, but what really opened my eyes was noticing how often friction kept me from making mistakes in hobbyist metalworking/woodworking projects. More than once I've either made or didn't make mistakes based entirely on if the tool I "needed" for the next step was in arms reach or a walk across the garage and a search through multiple toolboxes.
hughw
2 days ago
I feel this too but it's very hard to argue myself out of adding features like mad. Features, features, features. Tech debt may be an illusion, if the LLM can keep maintaining it all.
apsurd
2 days ago
features with theoretical use incur cost up front and yield no value. tech debt is only part of the cost, the other is opportunity cost of writing the OPTION. There’s really no good reason to create theoretical use features.
Thinking of software from finance and derivatives pov really blew my mind. here’s the article, it has AI smell but it’s short and the mental model is good: https://newsletter.kentbeck.com/p/the-cost-yagni-was-never-a...
it’s a breakthrough for me because i too like to build so it’s hard to not build. With options, i don’t get to build blindly but there’s still satisfaction in holding the option. collect the options, system design them, build on that layer.
capr
a day ago
That analogy works for app code, it doesn't work for technologies, library, frameworks, algorithms. Why build a compiler for this app? YAGNI! makes no sense.
deaton
2 days ago
I think you're right, and I think this principle of friction-is-good-actually applies to a lot more domains than just software, but whether the world will ever accept that is a different question.
groundzeros2015
2 days ago
I know of some financial analysts who don’t like to pull data in from reports automatically. They prefer to read each row and copy it into their spreadsheet because they actually contemplate what the number means.
sph
2 days ago
Same with taking notes by hand compared to writing on a keyboard, and the effect it has on memory retention is well researched.
RetroTechie
2 days ago
It's a flavour of Jevons paradox. Make production of software much more efficient (requiring fewer developer-hours), then you might get:
1. Same services provided using similar software stack, but maintained by fewer developers. I suspect this may hold for some sectors in the economy. Or
2. The Jevons case: similar # of developers maintaining a much bigger software stack that provides more services.
I might add:
2a: Similar but with lots of accidental complexity everywhere.
Probably we're heading towards some mix of the above? Depending on which application area you're talking about. Web dev is a lost cause, deeply-embedded won't see a big shake-up.
TeriyakiBomb
2 days ago
I also think it's universal. When talking about this IRL I always say:
"If one teenager works hard and saves for a few years to buy themselves a car and another has theirs bought for them on a whim, who would appreciate their car more?"
Odds are it's the former, not always. But mostly.
politician
a day ago
Ugh. Most of this thread can be resolved by realizing that Teriyaki Bomb is using the word "friction" as a synonym for "constraints" and not "toil".
deaux
2 days ago
> I don’t care about your Show HN unless you have spent a month on it.
100%, you actually stated it correctly. It's not "I don't care unless you've written/reviewed everything by hand". If someone writes something by hand in an hour, including ideation, and puts it on Show HN, realistically it's almost certainly not going to be worth even looking at.
I've been running an app in prod for more than a year now, mostly vibecoded long before HN believed it was possible - HN only started believing this around Jan this year at the earliest. But nobody who uses it cares, or even notices, because it took a month to build. That's what matters, the amount of time and thought put into it. Of course it's true that vibecoded projects have a much lower median amount of time and thought put into it. But that's like Louisiana having a much lower median income than California, it's just a median, not an inherent characteristic of being a Louisianan vs a Californian, there are plenty of poorer Californians and richer Louisianans.
manphone
2 days ago
It’s the same reason why everyone doesn’t wanna read LLM generated blog posts. The agreement used to be generally that you would spend more time writing than I would have to spend reading and when the agreement changes the quality changes as well.
27183
2 days ago
Writing is thinking. If you don't spend time writing, then you didn't spend time thinking. LLMs don't think. Consequently, if you outsourced your writing to an LLM the resulting artifact was born of a thoughtless process. Instead of engaging your readers in your thought process you're tricking them with a puzzle. Readers will try to understand what you're thinking about (at least the non-passive ones will). This activity is a dead end for LLM output.
jgraham
2 days ago
It's not that writing _is_ thinking, but (effective) writing _requires_ thinking. It forces you to take a collection of lose and incoherent thoughts and reify them into an argument that can hold its own weight.
sph
2 days ago
The art of essay writing allows an author to ascertain how well they understand a topic and work out the flaws just by trying to put it into words. Paul Graham speaks about this.
Leonard_of_Q
2 days ago
Is writing thinking? Good writing requires thinking but does that also go for sloppy writing? What is thinking? This is the subject of a discussion [1, 2] I'm in - which in true HN style has been greyed-out because of ${reasons} - regarding the question whether these models 'think'. Your comment on writing [being] thinking supports the idea that what these models do is a form of thinking: selecting the next most likely descriptor given the current problem space including all previously added descriptors.
efficax
2 days ago
writing is a form of thinking, but there are others
gavinsyancey
2 days ago
Yeah -- if it wasn't worth your time to write the post, why do I think it should be worth my time to read it?
duggan
2 days ago
Fabulous use of meta-irony, bravo.
UltraSane
2 days ago
Reading the output of a LLM prompt someone else wrote isn't useful as I can run the prompt myself. Having the prompt is actually more useful because I can run it in any LLM I want.
pixl97
2 days ago
Look at Mr infinite tokens over here.
locknitpicker
2 days ago
> It’s the same reason why everyone doesn’t wanna read LLM generated blog posts. The agreement used to be generally that you would spend more time writing than I would have to spend reading and when the agreement changes the quality changes as well.
That's not it at all.
The problem with AI slop is that in general it's not worth reading, because to start off even the author deemed the topic wasn't even worth writing to begin with.
Worst, most AI slop blog spam was obviously not even reviewed by the bloggers who prompted them into existence. This means is also content that even the bloggers themselves felt wasn't worth reading at all.
But somehow they expect us to invest our time reading AI slop?
bombcar
2 days ago
Think how much LinkedIn slop wasn’t worth reading BEFORE AI; but at least some effort had to be put in. Now none is needed.
pydry
2 days ago
Or rather because they are always just of poor quality
ungovernableCat
2 days ago
If you had a time machine and you could republish a claude generated article about some interesting tech topic to 2010 I'm sure it would get ok engagement.
To me the issue is that everything becomes written in the same style pattern. I don't know why but if I spot it I wince internally and immediately skim the post or just outright stop reading. A large part of it is overexposure. For me it's made browsing the internet quite uncomfortable since it's unavoidable.
I mainly spend my online time in group chats these days.
27183
2 days ago
> ok engagement
That is such a miserably low bar
pmarreck
2 days ago
Define “quality”
(I’m pretty sure both you and I would “know it when we see it”, but…)
lproven
2 days ago
There was an entire book about that 50 years ago, and last month someone brought that thinking and analysis to the LLM-bot issue:
EDIT: this is the one I was thinking of...
https://sinclairtarget.com/blog/2026/06/01/quality-in-the-ag...
But this is relevant too...
https://bersas.substack.com/p/zen-and-the-dance-of-generativ...
Der_Einzige
2 days ago
[flagged]
hilariously
2 days ago
Then why don't you just eat soylent and drink tap water while using only your imagination? The medium is also part of the message.
whateveracct
2 days ago
heh you know a person with "carbon chauvinist" in their vocabularies already does just eat soylent
mbesto
2 days ago
You can't unilaterally say all AI blogs are low quality. That's bullshit.
> would spend more time writing than I would have to spend reading
To your point however, the reason people don't like AI generated blogs is because there is a explicit recognition that the author of the blog lacked effort. There is a visceral response for the reader about the social contract "if you didn't spend as much time as I did why should I care about what's written here", it's however NOT that the quality is inherently poor (but perhaps one my insinuate that notion).
deaton
2 days ago
> You can't unilaterally say all AI blogs are low quality. That's bullshit.
I can and I will say that, if not only for the fact that, in the eyes of many people, AI and the botched launch of the past few years has incurred a great amount of distrust. But, going further, the vast majority of AI-generated blog posts are lower quality, because they lack human thought and effort behind them. I'm not saying AI is completely incapable of writing what a human can, but we can't relate to how it "thinks", if you can call it that, and if someone is going to put enough effort into curating an AI's output and coaching it to make it output something that is really of a high quality... they just put in all of the human effort it would have taken for them to write it themselves.
I also don't think this should be construed to mean that human-written posts are universally good. AI slop is just the latest and most farmable iteration of a long history of badly written and poorly thought out content on the internet. In some ways the average AI blog is probably more coherent than any flat earth blog.
I also think that that visceral disgust at consuming AI generated work points to something else. We are all still trying to grapple with the ethical boundaries of what is okay and what isn't okay to do with AI, but I think most people feel deceived when they find out they're watching an AI video, or reading an AI blog post, and rather than assuming people are wrong to feel that way, we should consider that their feelings on the matter do matter. Nobody wants to be fed algorithmically optimized fake slop by YouTube, and that's okay.
asdf88990
2 days ago
> You can't unilaterally say all AI blogs are low quality. That's bullshit.
Quality is a bit nuanced but that quality of AI generated content is subpar to expert output is fairly established.
The implications of this ever becoming false amounts to GAI.
asdf88990
2 days ago
AGI*
andsoitis
2 days ago
> You can't unilaterally say all AI blogs are low quality. That's bullshit.
Can you point us to a single blog (or even blog post) that is generated by AI that is excellent quality? Or even average quality?
lproven
2 days ago
> You can't unilaterally say all AI blogs are low quality. That's bullshit.
Watch me.
I absolutely can and do. And pictures, and videos, and picture posts, and comics, and all image-format content.
If it wasn't worth creating with someone's brain, it is never ever worth my time to consume the prompt output.
Send me the prompt. I might look, if I'm bored.
budsniffer952
2 days ago
>Ideas have always been cheap. Now, proof of concepts have become as cheap. I don’t care about your Show HN unless you have spent a month on it.
Yes. I'm as pro-AI coding as people come, but this is the part that bugs me too. If you whip something useful up in a weekend, great!
But you don't have to present it like you are building an actual product. It's fine if no one else knows about it. Because the fact is, most people don't care, even before AI. Building for yourself is fine.
dnautics
2 days ago
building for yourself (or a few people) is amazing! and AI coding really makes this tractable.
locknitpicker
2 days ago
> They get abandoned because they get generated on a whim.
I think it's more than that. These greenfield projects are actually things that, up until the inception of LLMs, they were not worth creating.
With AI code assistants, the cost of developing them is lower, but in the end you still end up with a project that no one bothered to create.
ljm
2 days ago
It's very strange to vibe code a project and feel both a lack of emotional investment but also the cognitive overhead of steering an AI.
The process of iteration, or the feedback loop, typically allows space to try things out and experiment and then either drop an idea or refine it more purposefully. And those breaks in between the pure delivery to focus on that gives you room to breathe and also see the progress of your work.
Blatting it out in 6 hours with Fable 5 skips all of that and you have something like an MVP, but you haven't really put anything of yourself into it. So why bother committing unless you can take that further or apply something novel or reflect your own personality in it? Or you genuinely believe you're on to something and the AI approach actually gave you a path to building it?
I've been 'vibe coding' something, I've spent about a month on it on and off along with a fair bit of debugging on some sticky issues. I still think I'd suffer going into that codebase and doing stuff in it by hand, no matter how well I thought I organised it all.
DonHopkins
2 days ago
>Ideas have always been cheap. Now, proof of concepts have become as cheap. I don’t care about your Show HN unless you have spent a month on it.
I dunno, this idea guy seems to have some really great ideas, what's wrong with you skeptical programmers who aren't on board implementing his ideas for equity?
frou_dh
a day ago
Great point. It is simply lame impatient clout-chasing when someone goes out and promotes their project that is approximately as new to them as it is to the people they're promoting it to.
throwatdem12311
2 days ago
Maybe those ideas aren’t so brilliant.
BetterThanSober
2 days ago
I wonder how much they spend on this rewrite, in tokens and $ using commercial pricing
Cthulhu_
2 days ago
I wonder how much it costs them in the long run; the initial number mentioned seemed cheap enough (equivalent to 1-2 developers for a year - and I don't believe 1-2 developers could rewrite it in a year, for various reasons), but if it's a 1:1 "transpilation" to unsafe Rust... was it worth it? Will it be worth it in the long run?
But this is the longer running discourse about AI code's cost / benefit. I keep nagging my work's AI community to show me the numbers, so far nobody has been able to show an increase in productivity, quality, customer satisfaction, or company profits.
taude
2 days ago
it said in the original article on the bun rewrite ~165K.
hoppp
2 days ago
For that money they could hire engineers to do it without having so many unsafe blocks.
The only gain is speed.
Jnr
2 days ago
I saw an estimate of around 160k $ somewhere in HN comments about the rewrite.
crowdhailer
2 days ago
Not heard sunk cost fallacy described as a feature before. Interesting idea.
m4xp
2 days ago
Keep in mind logic bug that ai makes are extremely hard and expensive to fix as the clanker needs to parse thousand and thousands of lines of text every prompt while a human tries to explain what it's obviously doing wrong.
I hate ai so much because its so easy to generate quick slop that "appears" functional.
dennysora-main
2 days ago
[dead]
petcat
2 days ago
> Now if that's further migrated to safe Rust, put into production & gathered feedback from lots of users, yes then you have something.
Obviously they have to start somewhere if they want to get to safe rust with a considerable degree of battle testing. So they decided to start with just a transliteration and go from there.
I think the Zig people are really just concerned that maybe Zig itself is a DOA language because it doesn't offer enough over C for any serious use and their flagship project has now abandoned it.
Just search "segfault" on the Zig issue tracker and you'll see why people are starting to be skeptical of the future utility of such a language in the face of something like Rust.
shirol
2 days ago
> Just search "segfault" on the Zig issue tracker and you'll see why people are starting to be skeptical of the future utility of such a language in the face of something like Rust.
Zig has 110 open "segfault" issues [1] versus Rust's 175 open "segfault" issues [2]. So, by your logic, Rust is also bad.
edit: I was just trying to point out that the parent's "just search segfault" argument is lazy. Also, Zig is still in beta.
[1] https://codeberg.org/ziglang/zig/issues?state=open&type=all&...
[2] https://github.com/rust-lang/rust/issues?q=is%3Aissue%20stat...
post-it
2 days ago
You're not seriously out here posting raw numbers without considering the base rate are you
baranul
2 days ago
I think the open to close ratio needs to be provided in any such comparison. It would arguably give a better indication of which project is doing a better job at addressing incoming user issues and bug fixes.
jadbox
2 days ago
You're not seriously posting about base rates without any form of agreeable evidence around such base rates?
brookst
2 days ago
Yeah, well, my not-yet-written language has zero segfault issues raised, so it’s clearly superior to both Zig and Rust. I really need to get around to writing it because obviously it’s a much better design.
VWWHFSfQ
2 days ago
It's a bad metric, but also Zig didn't migrate all of their issues from GitHub. Run the same count on GitHub and you'll see the full picture
baranul
2 days ago
To make a better comparison, you have to add up Zig's issues on GitHub that weren't brought over and abandoned.
That would be Zig's 700 or so Codeberg issues + the 2,700 or so GitHub issues.
Ygg2
2 days ago
Without base rate you're comparing #X in a city vs #Y in a continent and drawing conclusions from that.
It's not even wrong.
pseudony
2 days ago
I program C for my day-job.
I see Rust encroaching in proposed transitions. It may even happen. That said, it is a poor match for it compared to something like Zig (or Odin). It's hard to make the new Rust code use existing allocator abstractions (so now you have two systems doling out memory, how do you reliably free composite objects with memory from both? How do they share?) and you increasingly have to either abandon any actual benefits of the borrow-checker, or invest increasingly heavily into sufficiently fat bindings to wrap your existing C/C++ in a way where the borrow-checker can assist you. That's before we consider the complexity of the language - I'd doubt a seasoned C programmer has much trouble deciphering Zig or Odin FFI bindings, but in the case of Rust? Yes, there is real friction.
Also if you really value predictable- and higher performance, being in more in control of memory allocations and cleanup is preferable. This is the direction both Zig and Odin cater to.
If you asked me what solves the most issues without adding too many new liabilities, I'd say Zig (or Odin). It would simply be much, much easier to transition a C codebase to either, and either would bring a much improved stdlib with pluggable allocators capable of leak-detection etc.
Xirdus
2 days ago
If you literally want one and only one allocator instead of the Rust's built-in one, that's been supported for years[1]. Almost 8 years, to be precise. It's very easy to implement and works with the entire standard library and all its abstractions, and almost every 3rd party library will support it out of the box too (except the ones that go out of their way not to support it for some reason). Borrow checking and all the other safety features are still fully supported.
Now, mixing different allocators is a different beast, and much less supported. But it sounds like you are very much not interested in this use case, right?
overgard
2 days ago
C++ programmer here. I've looked at transitioning some of my code to Rust; not particularly out of a dissatisfaction with C++ but more just out of curiosity. I've always ended up deciding against it though, I feel like its safety features just come at too high of a price for the kind of work I do. If I was writing something that needs to be super secure like a web server or something I think it would make a lot of sense, but for most of the things I do memory corruption is relatively easy to avoid with good patterns and a crash just kills a local application. YMMV but I think the "safety" of Rust gets a little overhyped.. most the bugs I run into are not memory safety bugs.
dwattttt
2 days ago
The safety aspects do get very hyped. It's better to consider the language strict about correctness; memory safety falls out of that, but so does other stuff, like less logic bugs.
pjmlp
a day ago
Thing is, this is from someone that likes Rust, but for various reasons has to reach out to C++ when going outside my daily use of managed languages, while C++ will never be as safer as Rust, there are many tools to get us half way there.
The big problem is that many projects keep ignoring those tools, the way Zig sorts out reporting use after free errors, the same solution exists for C and C++ for about 30 years now.
msdz
2 days ago
If you allow, I’m curious: If you felt familiar with the language just as much as with C/Zig/Odin, would you prefer Rust for a completely greenfield project that requires no C interop (or none more detailed than say providing a general ABI)?
pseudony
2 days ago
Sure thing :)
Just my opinion. It really depends. For systems- kind of software (low-level, DBs, file systems (also user-space)) no, I wouldn’t - if you manage memory with arenas and/or can plug in an allocator to tell you if you leaked memory (provided the codepath is triggered), I mostly get what I want with less mental overhead. Also, I very often want to interface with C libraries.
For games, again, I wouldn’t. I again strongly suspect I would and could organize my use of memory better.
I suspect Rust is best when you don’t want to interface with C code (except through bindings others wrote) and you’re maybe more doing applications development where C++ has also stood strong. I completely see how, theoretically, Rust can make a great language for an office suite, browser and so on.
That’s actually also when I tried Rust for a personal project. I wrote a desktop application and while I spoke to C code, I only did so through bindings others had written.
It was/is fine :) I still got a segfault bug though hehe.
Basically I liked Ocaml so I have huge appreciation for all that Rust tries to bring into the mainstream on that front. I am just not thinking that the borrow-checker makes it well placed to interop with C. It becomes much better for relatively isolated applications work.
metoobruh
2 days ago
[flagged]
Xirdus
2 days ago
I like my datacenters like I like my railway infrastructure - covered in enough protective layer of rust that it will never suffer structural damage even when running for years under extremely heavy load.
itsthetruth22
2 days ago
[dead]
Xirdus
2 days ago
Why do you recommend the living definition of not having any protections whatsoever for protection?
itsthetruth22
2 days ago
[flagged]
Xirdus
2 days ago
Is it nonsense to say C doesn't have any protections?
plandis
2 days ago
Is there a reason you cannot specify your allocator of choice in Rust? AFAIK, the abstraction exists to do just that.
p-e-w
2 days ago
> I think the Zig people are really just concerned that maybe Zig itself is a DOA language because it doesn't offer enough over C for any serious use and their flagship project has now abandoned it.
You hit the nail on the head there. Zig is 10 years old now and it’s pretty clear that the industry isn’t biting, compared to the behemoth that is Rust. Between Rust, C, and C++ there is very little room for another language with a woefully incomplete library ecosystem to establish itself.
A true competitor would need to offer genuine extra value, such as dependent types or other formal verification features, to carve out a niche.
baranul
2 days ago
There is also the fact of newer "closer to C" alternatives like C3[1] and Zen C[2], or more intriguing C family alternatives such as Odin[3], Jai[4], or Vlang[5].
Zig is kind of trapped. It can't go "head to head" with heavy weights like Rust, who specialize in safety, are more mature (post 1.0), and have lots of corporate support. Then there are the other C alternatives, who each offer something it doesn't have.
It appears the only way for it to maintain its position, is through heavy hype and marketing, but the whole Bun ordeal and extensive beta issues are subtracting from any such attempts.
[1]: https://c3-lang.org/
[2]: https://github.com/zenc-lang/zenc
[3]: https://learnxinyminutes.com/odin
selfmodruntime
2 days ago
The industry isn't biting @ Zig because it's unstable, notoriously difficult to integrate new changes into an existing codebase and because the compiler is a bitch to develop with (hard error on unused variables with no way to turn it off).
jdiff
2 days ago
Not sure that last one rings true. There are entire languages with no allowed unused variables (some without prepending a _ to the names) that people love to develop with.
In the industry, how often is it that a tool/language is picked up for the ease of developing that tool, vs ease of using that tool?
tayo42
2 days ago
Go has that same problem/feature
selfmodruntime
2 days ago
Yes, sadly.
cfiggers
2 days ago
> it’s pretty clear that the industry isn’t biting
Zig isn't finished yet (they still have not released a v1.0). They're still iterating on the language itself and want the flexibility to make backwards-incompatible changes while they do so.
So in a sense, they have not yet asked anybody in mainstream industry to "bite." After v1.0, when there's an understanding of stability and ongoing language support, industry adoption or lack thereof might become a relevant metric for measuring the project's health. But right now that's not relevant at all.
KingMob
2 days ago
I hear you, but Zig is also 10 years old now. While the authors may not want to signal they're ready, people make assumptions based on age regardless.
Either users think (a) it's actually ready after a decade, since many langs/libs are conservative with jumping to v1.0, or (b) they'll think it's [a toy/a side project/run by perfectionists] that's not ready for production, and might never be.
This isn't exactly fair for those who want to just take tir
dnautics
2 days ago
> A true competitor would need to offer genuine extra value, such as dependent types or other formal verification features, to carve out a niche.
believe it or not it is generally easy to do this with zig with few modifications (WIP), and the team has said publically that they will be making this sort of thing a supported operation once the IR stabilizes post-1.0.
overgard
a day ago
This is just a dumb take, hardly any language is immediately popular. Python, Ruby, etc. were still pretty niche 10 years in. Pretty much every popular language is 15+ years old.
hatefulheart
2 days ago
Python was invented two years before Java and didn’t move the needle until the mid 2010s.
You are the typical mark for hype cycles. Get a clue will you.
joshuamorton
2 days ago
Python was being used as a teaching language at flagship universities in the mid 2000s.
hatefulheart
2 days ago
Amazing! So was Scheme.
redsocksfan45
2 days ago
[dead]
baq
2 days ago
I was getting paid doing django in 2005-2006
schaefer
2 days ago
> Python ... didn’t move the needle until the mid 2010s.
Nope. I was on a Python project in 2006 and earned a paycheck doing so.
alexrp
2 days ago
> I think the Zig people are really just concerned that maybe Zig itself is a DOA language because it doesn't offer enough over C for any serious use
I promise you, hand on heart, that literally no one on the Zig core team is wasting their time on thoughts like this.
> and their flagship project has now abandoned it.
Quoting Andrew:
> So, when the Anthropic aquisition finally happened, we at ZSF breathed a sigh of relief. When the donation silently stopped, our bank account was ready for it. When they neither canceled their monthly meeting with us, nor showed up, we were not surprised. The relationship was over.
I advise you to take this paragraph at face value. Again, I promise you that it is the truth.
dnautics
2 days ago
> the Zig people are really just concerned that maybe Zig itself is a DOA language because it doesn't offer enough over C
I don't think anyone who actually uses zig thinks "it doesn't offer enough over C". Removing #define alone would have been worth it.
locknitpicker
2 days ago
> Removing #define alone would have been worth it.
If you reach out to any project manager and pitch the idea to rewrite a whole app from scratch because you want to get rid of #define, first you will be laught out of the room and second they will reach out to HR to get a PIP going because whatever the hiring bar they used to hire a developer you clearly are not meeting it.
dnautics
2 days ago
nice strawman. we're obviously talking about greenfield developmen, and then, probably not in corposlop environments.
cfiggers
2 days ago
I would say the flagship Zig project is TigerBeetle, not Bun.
eatonphil
2 days ago
If TigerBeetle is the Zig flagship then Zig is untenable for almost any team, because Tiger Style is untenable for almost any team. No, I think that Tiger Style makes Zig mostly unimportant.
On the other hand, as a corporate backer for Zig, TigerBeetle is definitely a big deal.
But in terms of exemplary and imitable projects in the ecosystem I would think something like Ghostty is the safer label for "flagship".
user
2 days ago
z0ltan
2 days ago
[dead]
Aurornis
2 days ago
TigerBeetle has a unique static memory allocation strategy at launch time. It’s a strategy that sidesteps a lot of memory management issues but only works for very specific use cases.
Their success with this strategy isn’t portable to most other projects. I think they really need more traditional flagship projects that generalize to typical memory management use cases. The way the conversation keeps coming back to TigerBeetle as a success story isn’t helpful to anyone trying to evaluate the memory management angle.
wavemode
2 days ago
I would say the exact opposite, actually - Zig is a language specifically suited for TigerBeetle's all-at-once approach to memory management, and the approach more commonly used in Rust (allocate wherever and whenever) is non-idiomatic in Zig.
> only works for very specific use cases.
It's not clear to me what you mean by this.
Aurornis
2 days ago
> It's not clear to me what you mean by this.
TigerBeetle calculates all the memory it needs at startup. It allocates that much memory once. It does not allocate memory dynamically.
This only works for very specific use cases, like a fixed server size where you know exactly how much memory you want to allocate to a process.
It’s not portable to general purpose computing, where it’s expected that apps aren’t allocating the maximum amount of memory they might use at startup. Their memory usage grows and shrinks as you open and close files or as your documents get longer.
> and the approach more commonly used in Rust (allocate wherever and whenever) is non-idiomatic in Zig
Allocating memory as needed isn’t a Rust-specific idiom. Most programming involves dynamic memory allocation.
I don’t think the Zig developers would go as far as saying Zig isn’t a good fit for dynamic memory allocation. If it was that simple this entire debacle could have been written off as “Bun requires dynamic memory allocation by nature, therefore Zig isn’t a good fit”. That’s not what Andrew Kelley is trying to say though.
cozzyd
2 days ago
It works really well for a ton of use cases (e.g. any data acquisition task, which is mostly what I use C for...)
wavemode
2 days ago
> This only works for very specific use cases, like a fixed server size where you know exactly how much memory you want to allocate to a process.
So, like, the JVM with its "initial heap size" setting? After reserving that space from the OS on startup, pieces of the space are then handed out by the JVM's internal allocator, where and when needed.
If initial heap size and max heap size are the same, that initial one is the only malloc() call that ever happens. Not as common for desktop software, but a common best practice when deploying JVM applications to servers.
(I think we're perhaps tripping over two different meanings of "allocate" - you can "allocate" in the sense of calling malloc(), and you can "allocate" a piece of that reserved memory to a particular scope/function/object without actually calling malloc.)
> Allocating memory as needed isn’t a Rust-specific idiom.
I never said that.
pjmlp
a day ago
There isn't such thing as "The JVM", there is a standard with several implementations, which one with their own approach to memory management.
You might be mixing it with the reference implementation for the standard, OpenJDK, and even then, it depends pretty much on which set of configuration parameters are given.
Xirdus
2 days ago
The funny thing is that Rust works perfectly fine with statically preallocated memory. It's not even against its idioms - most code will work with zero changes. In a way, the borrow checker is the perfect tool for this situation, since nothing owns any memory and everything is borrowed from the static allocation.
wavemode
2 days ago
There's definitely one code change that's needed - you need to override the Allocator being used by standard library containers (or, live without standard library containers) and by any third-party dependencies you have. That feature is not even stable, let alone idiomatic.
Xirdus
2 days ago
Using the allocator interface is only required if you allocate, which in this context you explicitly don't. If you want to use static preallocated memory in Rust, you'd have to use #[no_std] and only have access to the core part of the standard library. On the plus side, this is a very well supported and stable configuration, the core library is still pretty rich, and there's plenty of no_std libraries to choose from in the ecosystem.
I used "most" in the pedantic sense of "just a little bit over 50% if you count individual lines and not whole libraries". Most code doesn't operate on Box, Vec, String etc. directly, and is happy with & and &mut to underlying data. And even when it does, it's usually used for giving static lifetime to data, which is a non-issue here because all your preallocated memory has static lifetime already.
marshray
2 days ago
Do they really not have any kind of sub-block dynamic allocator?
Does the program handle character data? It is indeed a rare server app which never handles strings.
rasmus1610
2 days ago
some may argue for ghostty but yeah :)
fridder
2 days ago
or libghostty
pjmlp
a day ago
TigerBeetle is hardly a product to drive Zig adoption.
Tade0
2 days ago
> So they decided to start with just a transliteration and go from there.
Huge problem with this is that typically safe, idiomatic Rust looks nothing like unsafe Rust.
ACCount37
2 days ago
I used to think there's a good niche for "better C" - and that Zig was the one language angling for that. A language that can be used in the same contexts as C, to do the same things as C code, in very much the same way, but with some modern features, some stronger guarantees and some helpful syntactic sugar? A welcome thing for embedded development.
On the other end, Rust to me felt like "better C++" - outside the embedded niche, aimed at complex multithreaded code that has to combine high performance with not catching on fire because someone fucked up concurrency once again.
But the main issue I had with Rust - that it's frankly a bitch to write, nearing Go levels of awful, only worthwhile if its paradigm is buying you a lot - is diminished if it's an LLM that's doing the bulk of the line to line writing.
And, on the other end, C's warts, footguns and ancient quirks also matter less if you have an LLM plow through it.
So, the niche for Zig does seem to be shrinking. The window for it to establish itself might be genuinely closing now. Which is a shame, because I like the idea of having "better C" a lot. But all of this drama sure isn't helping it gain traction.
renox
2 days ago
> And, on the other end, C's warts, footguns and ancient quirks also matter less if you have an LLM plow through it.
'plow through it's?? An LLM can definitedly fall into these traps!
Happened to me a few months ago, I couldn't believe that an LLM would generate a use-after-free in not-so-complex code but it did.. Newer LLM seems better now but buyer beware!
agentultra
2 days ago
You still need an expert human to drive an LLM. And even then, with C, you need to be very careful. LLM’s generate lots of code. Code that has no obvious errors in it. The kind humans aren’t good at picking up on their own. You need other tooling in place to support human experts to prevent this kind of stuff as you would in a non-LLM contribution.
AnimalMuppet
2 days ago
What makes go so awful to write? My impression was that Rust was hard, at least until you understand the borrow checker, and go was pretty easy. (This is my impression from outside, that is, I don't actually use either language.)
calgoo
2 days ago
Not OP, but normally people complain because its boring, but these days, have an LLM generate all the template coding, the json mappings or whatever people dont like. Personally, with all the compromised NPM and PiP packages, when i PoC / vibe code something, i tend to use Golang very few external packages (native sqlite) and thats it. Also really nice to be able to package up the App and all related files into 1 binary.
wren6991
2 days ago
> And, on the other end, C's warts, footguns and ancient quirks also matter less if you have an LLM plow through it.
Warts and ancient quirks, I can kind of see, but in what way have LLMs solved the footguns?
ACCount37
2 days ago
Mostly, by having enough diligence and attention to avoid a lot of the common ones.
By now, if we're pitting a top of the line coding LLM against a B-tier programmer throwing something together in a hurry, I would expect the latter to shot more foot, and not by a narrow margin. Even those who know better don't always do better - for a human, "fucks given" is a painfully finite resource.
Shorel
2 days ago
You write Better C and the first thing I think about is D-lang.
ctvo
2 days ago
I wouldn’t write Zig off yet. The faster compilation time is a giant moat. Depending on how LLM usage evolves it could be what ends up mattering.
ACCount37
2 days ago
I'm not writing Zig off myself. I would prefer if it succeeded. But the outlook is: not good, in my eyes.
Pre-2022, Zig was doing decently, but not particularly well. It didn't have Rust level of enthusiasts and ambassadors (love them or hate them, they did succeed in driving considerable Rust adoption), it didn't have a major corpo backing it, it had too much API instability to be truly relied on. Picking a stupid fight with Bun/Anthropic and doubling down on it isn't helping with any of that.
I also don't think compilation time makes for a good moat for agentic AI coding? Like, sure, less time wasted = better. But LLMs don't perceive time as humans do. They don't have the human "40 minutes of compile time = a hard forced context switch" quirk. The state of an LLM agent is as "stale" after a 40 minute build as it is after a 40 second build - no attention penalty for getting distracted.
There is a hard "wall clock time" iteration speed penalty, but I expect LLM coding to be more agentic, not less. In which case a single sub-agent stalling might not matter much? The orchestrator AI would just keep doing other things, and come back to the stalled sub-agent when it's ready. Once again: long stalls hurt the worst if they route through human attention. The less human attention there is in the system the cheaper they are.
neutronicus
2 days ago
A day or two ago someone posted about abandoning Haskell because compilation times had become a bottleneck with Agents. FWIW
robocat
2 days ago
HN discussion: https://news.ycombinator.com/item?id=48859673
1 minute skim of that surfaces aviaviavi's comment on moving to Python not Rust:
Main factors were (roughly in order):
- None of us are experts in Rust, and we're all solid at Python.
- Rust felt like an under-correction for what we wanted (get all friction in front of the LLM out of the way).
- Our high-performance stuff is not being migrated at this time (Scarf Gateway), so we're just talking about basic CRUD backends here. Basically any language will workAurornis
2 days ago
I write a lot of Rust and work on some large-ish code bases. I’ve also done Zig work and work in other languages with fast compile times.
I don’t think this is a huge moat any more. Structuring Rust codebases in a modular way to keep incremental compile times down is common. The biggest complaint about it is from people who simply don’t like the structure and want to put everything into one big package, but that’s a stylistic choice.
pmarreck
2 days ago
also, the fact that you can compile to any target from any target
SwellJoe
2 days ago
"Rust - that it's frankly a bitch to write, nearing Go levels of awful"
Go, awful? That's wild. I find Go to be maybe the most pleasant language I've ever used. It's just delightful for its niche (web services, system tools, things of that nature), I've never seen anything better.
olzhasar
2 days ago
A typical comment on Hackernews nowadays:
I used to think that there's a a room for better C -> Some unrelated complains about Rust and Go -> C has footguns, but they don't matter that much because I choose to not write my code myself anymore -> Therefore there's no room for better C.
neutronicus
2 days ago
Yeah, I mean … as a C++ dev I have those same existential “what’s the point” questions about Zig.
araoz
2 days ago
AFAIK zig is not trying to be "better C++" (that is Rust), zig is more like "better C". a ergonomic low level lang with very little abstractions. zig explicitly doesn't want to be better C++ or rust
neutronicus
2 days ago
Oh, I get that.
That’s what I’m saying. I hear “Better C” and my initial reaction is “what’s the point”. Like, why would you aim for “Worse C++”?
I mean, compile times. That’s fair.
pjmlp
a day ago
Even those aren't that bad, when using C++20 modules, coupled with binary libraries.
Granted we "aren't modules" yet, unless being on latest compilers with msbuild/cmake/ninja tooling.
neutronicus
a day ago
Perhaps theoretically, with good practice, but at my job it’s fucking brutal.
But to your larger point I would much rather work on improving that than let it drive me back to C fetishism.
herrkanin
2 days ago
> How is that better than the Zig codebase you started with?
In contrast with the Zig codebase, you now have clear well-scoped unsafe boundaries you can iteratively fix one by one. This was not the case before.
petesergeant
2 days ago
I would go further and say that anyone who doesn't immediately identify this either isn't thinking clearly about this, or is intentionally ignoring it. I have no horse in this race AT ALL and this is _obviously_ the advantage.
lunar_mycroft
2 days ago
Except that writing safe rust often requires designing the architecture around rust's ownership model, meaning a file by file, line by line translation doesn't necessarily leave you much closer to safe rust than you were at the start.
selfmodruntime
2 days ago
This is untrue. You can do a file by file translation by using clone and copy liberally. After you're done, you can incrementally introduce borrowing.
lunar_mycroft
2 days ago
You can also do one by using `unsafe` liberally, especially if you're flexible about actually upholding rust's rules (as the bun team just did). But either way, you're still stuck with a code base that's going to need extensive refactoring if you want to actually take advantage of rust.
Tadpole9181
2 days ago
Which is still a step ahead of Zig, which requires an entire rewrite to have the tiniest shred of RAII or borrow checking. What's your point, that if we can't do everything perfectly in one step we can't do it at all?
lunar_mycroft
2 days ago
> Which is still a step ahead of Zig
First off, you seem to be under the impression I'm a rust hater. Noting could be further from the truth. Rust is easily my favorite language at this point, I reach for it for basically everything (except quick scripts). While I do like a lot of zig's philosophy, I think at the end of the day the empirical evidence is overwhelming that manual memory management isn't sufficient.
> What's your point, that if we can't do everything perfectly in one step we can't do it at all?
My point is exactly what I initially said: you typically aren't much closer to a (mostly) safe rust codebase if you've done a line by line port to (partially unsafe) rust than you were to start with. Getting to safe rust is very likely to require substantial refactors either way. This doesn't mean you shouldn't do it (on it's own), but it does mean that the bun team's strategy/assumptions are more questionable than they appear to realize.
selfmodruntime
2 days ago
> You can also do one by using `unsafe` liberally, especially if you're flexible about actually upholding rust's rules (as the bun team just did
As in, they did not, which I can prove by using Miri and seeing hundreds of errors.
lunar_mycroft
a day ago
I didn't say they made a good, safe port. I literally said the opposite ("especially if you're flexible about actually upholding rust's rules"). You can get a line by line port to compile by just wrapping the parts that violate rust's ownership rules in `unsafe`. You won't have fixed the problem, and it won't be memory safe, but you can do it.
marshray
2 days ago
Well, only if Clone/Copy is compatible with the semantics of the API. I.e., the called function doesn't need to modify anything. No &mut params (or data members) except perhaps `&mut self` (which would refer to definitions the same file).
That's usually the case for Rust programs because the language encourages it. Are Zig programs like that?
lunar_mycroft
2 days ago
To be fair, you can throw an Arc<Mutex<_>> or Rc<RefCell<_>> at it if you're starting from something that has multiple "mutable borrows", but that adds runtime cost and complexity.
Klonoar
2 days ago
It’s fully possible to have scoped areas of borrow checker influence, which could be introduced after the port.
cyber_kinetist
2 days ago
> clear well-scoped unsafe boundaries
This is not done by blindly porting Zig code 1:1 and calling it a day. You do have to make conscious decisions about code architecture to manage Unsafe code, since you need choose the right invariants for your Safe Rust code to conform inside the module (Note that unsafe pollutes the whole module containing it, not just the code inside the unsafe block!)
lolinder
2 days ago
No one involved in the port proposed "blindly porting Zig code 1:1 and calling it a day". From the first blog post the creator said:
> We can gradually refactor it to reduce unsafe usage and look more like idiomatic Rust after Bun v1.4 ships.
What the rewrite does is make the unsafe code greppable, which is a necessary first step to eliminating it and one that's actually achievable rather than going straight to idiomatic.
Every successful refractor takes this form of stepwise changes that leave the behavior intact. It just so happens that in this case the first stepwise change was the implementation language.
cyber_kinetist
2 days ago
> We can gradually refactor it
Is quite a hell of a statement, when memory management issues are highly nonlocal and need some careful design upfront in order for you to nail it.
Unsafe isn't something that you can gradually clean up. Even one single flawed usage of unsafe (an ill-assumed invariant) can poison the whole program in scary ways, and might require a total refactor of your codebase to fix it.
Tadpole9181
2 days ago
You're not helping your case.
So if I use Zig, I need to do all of that perfectly from day one and I don't get any help from static analysis to do it. Or else I've poisoned my whole program in scary ways and will require a total refactor where I still won't have any help and once again can't make a single mistake.
metoobruh
2 days ago
You're not helping your case.
> [what you just wrote]
So they gained nothing from a Rust rewrite, except introducing more bugs into their shit codebase.
Tadpole9181
2 days ago
Except the blog post shows that they fixed a hundred or so known issues, patching several memory leaks and making the project viable for Prisma Compute's adoption - which it wasn't before. It's now running in production in two places just fine.
Can you point to an equal number of issue tracker tickets showing novel bugs or regressions in the canary build?
endospore
2 days ago
Yes, they have introduced (at least) several times more memory safety issues by violating the rust specific rules. Check how most of their unsafe blocks are unsound and worse, how many are straight up incorrect with a total bs // SAFETY above it, leaving no sensible usage without invoking UB.
We often ensure a project holds water against miri. This one doesn't even pass for clippy.
user
2 days ago
lolinder
2 days ago
You realize that what you're describing is inherent complexity in memory management? This is not something that you can dodge by using Zig, it's just part of the domain.
The difference is that in Rust you get strong guarantees for everything that is not inside of unsafe and clearly demarcated areas where things might go wrong. Even if you never eliminate a single unsafe block, the clear demarcation is valuable as an artifact in its own right.
cyber_kinetist
a day ago
The art of Unsafe Rust is marking the right demarcation with the right set of invariants that Safe code must adhere to inside the module that uses Unsafe. If you do this incorrectly, then even Safe code outside the unsafe block can cause undefined behavior.
Which is why having unsafe code without exactly specified invariants is practically useless: the Bun rewrite code has too many SAFETY comments that are incorrect and misleading, so most of the unsafe demarcations aren't helpful in achieving UB-free code.
baokaola
2 days ago
There's only one language that's more dangerous than C and that is unsafe Rust. I say that only half-jokingly.
selfmodruntime
2 days ago
It's true and I write Rust and love it dearly. There is an entire book about working with the unsafe keyword and its aliasing rules: https://doc.rust-lang.org/nomicon/working-with-unsafe.html
hota_mazi
2 days ago
What do you mean?
C is unsafe 100% of the time. Rust is only unsafe in unsafe{} blocks.
uecker
2 days ago
This is nonsense. There is quite a subset of C which is perfectly safe and an even larger one which can easily be safe with tooling. You could argue that unsafe keyword is easier to spot than the unsafe features of C, so that makes it somewhat easier to screen for issues. But if you screen for memory safety only, this is problematic anyhow.
Ygg2
2 days ago
Good job falling for the Zig propaganda. I say that half-jokingly.
EDIT: You can't be serious people. Rust unsafe is safer than C, if for nothing else, for knowing which pointers are aliasable.
selfmodruntime
2 days ago
This isn't propaganda, the Rust compiler's rules when using the unsafe keyword are difficult to uphold, which is why the community wrote Miri.
Ygg2
2 days ago
Ok, and how does, in your opinion, compiler rules enforcement work in an unsafe block?
And how does Miri help solve this issue?
selfmodruntime
2 days ago
> Ok, and how does, in your opinion, compiler rules enforcement work in an unsafe block?
By the engineer's wit of course!
> And how does Miri help solve this issue?
By detecting undefined behavior caused by violation these rules
dwattttt
2 days ago
Is there a "Rust compiler's rule" you can point to that's harder than avoiding UB in C or C++ in similar circumstances? They strike me as very similar beasts.
Ygg2
2 days ago
> By the engineer's wit of course!
Seeing how the Rust compiler isn't an LLM, it can't really work on wit.
From the POV of a programmer, how would you implement an unsafe block? What is disabled vs what's enabled?
> By detecting undefined behavior
Say you are tasked with making Miri; how do you detect violations of these rules?
selfmodruntime
2 days ago
There is almost zero reason for a public facing, non-embedded project like Bun to use unsafe anywhere.
cyber_kinetist
2 days ago
You do have to inevitably use unsafe because of FFI (Bun uses existing C++ modules like JavascriptCore for most functionality). Optionally also for performance (at least if you want to win Deno on that front)
sporkland
2 days ago
> There's so much good stuff in this post.
The post starts off so cynical. I know a few people at anthropic and oai and the simplest explanation also matches my observations that they actually believe what they say. That agents will be doing the bulk of the programming in the not so distant future. They believe they themselves will be out of jobs at that point.
They aren't managing some message and trying to teach the anti AI folks a lesson.
nsagent
2 days ago
Then they are naive. I've seen this a lot first hand during my PhD. Interpreting results in a way that reinforces their beliefs and ignores alternate hypotheses.
Frequently, those alternative hypotheses are demonstrated to be true. For example, "emergence" as was researched and proclaimed by many labs, including places like OpenAI and Anthropic is due to using too few discrete steps in sampling a continuous phenomenon. See "Are Emergent Abilities of Large Language Models a Mirage?" [1] for example.
27183
2 days ago
The number of people who think the emergence thing is settled smh... It's been a thing for at least 30yr, answering it one way or the other would be a big deal. It does nobody any favors having these infinitely capitalized hype firms calling themselves "labs".
nsagent
2 days ago
Sadly, like intelligence and reasoning, I think emergence is a word that people discuss while having different understandings of what the word means.
In the paper I linked, they talk of a particular take on the word that is commonly discussed in the ML research: between one discrete step and the next a phenomenon came into existence without existing before (i.e. it occurred spontaneously). The paper then goes on to refute specific claims. That's all I'm pointing out (I could point out similar issues with research into reasoning).
I think it's difficult to pin down "emergence" in the general sense as it likely goes into a deep philosophical argument like consciousness, so I'm unwilling to state whether or not some notion of "emergence" actually takes place. In that sense I agree with you.
afavour
2 days ago
> I know a few people at anthropic and oai
> They aren't managing some message and trying to teach the anti AI folks a lesson.
Unless you know the senior execs in charge of marketing at these companies I don't know how you can make that assertion. I believe that a lot of the folks at these companies earnestly believe in the work they are doing. But a belief held by software engineers is not automatically shared by the marketing department, nor by senior execs.
"Anthropic is a giant company with a lot at stake and will seek to capitalize on any marketing opportunity" doesn't strike me as cynical so much as a statement of fact.
twister2920
2 days ago
> They believe they themselves will be out of jobs at that point.
now THAT is cynical
krater23
2 days ago
I'm sure that Jehovah's Witnesses believe what they say. But thats not a reason to let them in my house.
hinkley
2 days ago
But it’s really the same old problem we’ve seen for decades. Developers write code. Owners declare victory. Owners rid themselves of expensive opex. Owners sell the division or try to keep the project limping along but all they see is vaguaries from the new cheap guy who they keep telling isn’t good enough for a raise, company hemorrhages money and eventually sells for a song.
They’ve just found a way to explore that logical fallacy even faster.
nz
2 days ago
Owners and developers. I've been thinking about this a lot lately. Years ago, maybe in the late 2000s, when startups were becoming culturally significant, and "Tech" became an "Industry", two books were written and published: Founders at Work by Livingston, and Coders at Work by Seibel. I read both, and recall the Founders-book being a bit of a slog -- I only read it once[0]. The Coders-book, I have been re-reading it for more than a decade. I am sure there are many people who would express the _opposite_ sentiment.
The existence of _two_ books, published by the same publisher, within a few years of each other, is a kind of tacit acknowledgement, that there are two categories of people (Owners/Founders and Developers/Coders), that have a kind of symbiotic relationship with each other. That relationship has always been a relationship of convenience and gain, not resonance and understanding and appreciation.
It is, in a way, similar to globalization: nations will support it, only to the extent that it can make them (or their elites) wealthier, and not because they actually care about peace, or the magnificent diversity of human culture and creativity.
Just as the globalized economy is fraying, so is the symbiotic relationship between Founders and Coders. I think it started with the pandemic, which caused (without pointing any fingers) a tension between Founders and Coders, and has been accelerated by LLMs. In some sense, the tactics that were use by Tech companies to wow and win customers outside of Tech, are now being used by Tech companies on other Tech companies. And those tactics involve making grand promises to people who have knowledge-gaps, and are otherwise easily impressed.
I did not realize that there even was a symbiotic relationship, until I analyzed US degree-completion-rates for 1970 to 2011[1][2]. I suppose it should have been obvious, but these things are difficult to perceive from the inside (even if you've been working in the industry for an entire decade). The big problem is that the symbiosis is asymmetrical: founders get the money, and pay the coders, and are able to fire and replace coders at will, while coders can do none of this to the founders. This may have been fine, in an era where layoffs were rare, and getting a replacement job was less uncertain. But I suspect that the contest we are going to see in the next few years is: can Founders out-code Coders, or can Coders out-found Founders. Note that the Viaweb story (the archetypal startup-story for HN), is a story of Coders out-founding Founders (the equivalent of the late 90s era, did not found companies so much as administer small parts of them).
[0]: This is not a criticism of the author/interviewer, nor the interviewees -- the subject matter simply did not intersect enough with my own obsessions and fixations. I wish it did. It feels like I have some kind of color blindness, when it comes to "founder-y" things.
[1]: You can find a (fair warning: long) PDF here: https://galacticbeyond.com/pdf/two-percent-programmer.pdf
[2]: If you do not want to read all of that, here is a TLDR. The percentage of informatics-degree-completions never drops below 2% (which confirms an informal observation Knuth has made many times -- see his 3 or 4 oral histories and his interview in Coders at Work). The percentage of informatics-degree-completions rises and falls with business-degree-completions (the symbiosis is visible here). It never exceeds 4.5%, and such doublings coincide with bubbles (the dot-com bubble, and the 1980s AI-bubble -- there is a history section that helps narrate these numbers). Most intriguingly, informatics-degree-completions are _perfectly inversely correlated_ with healthcare-degree-completions -- their first-derivatives are nearly perfect mirror images. Also, the majority of graduates are business-graduates (accounting, administration, etc -- economics belongs to social-sciences instead of business), and their numbers have doubled since 1970, at the expense of social sciences and education (I suspect that this has had an impact on our (both global and American) culture akin to the impact that climate-change has had on our planet, but I have no data to put behind that suspicion, yet).
lioeters
2 days ago
That was an excellent thoughtful comment, thanks. I'm going to be thinking about this part particularly:
> I suspect that the contest we are going to see in the next few years is: can Founders out-code Coders, or can Coders out-found Founders.
lennxa
2 days ago
the rust is merged into main https://github.com/oven-sh/bun
and the rust version has been live in claude code since june 17th.
saghm
2 days ago
> Can't help to think of a recent HN post about most AI-generated projects being abandoned within months. Why?
> Because value of a project is not in the code produced. It's in the amount of battle-testing that code has seen.
I'm not convinced this explanation is self-evident enough to assert without any justification. I can think of at least one other plausible one, which is that maybe most side projects in general get abandoned after a certain amount of time, and being able to write the code a lot faster means that the point of diminishing returns for personal utility, enrichment, or pleasure are reached a lot faster.
pizlonator
2 days ago
I read a decent chunk of the rewrite.
It’s inaccurate to call it a rewrite. It’s more a transliteration - it matches the original Zig almost exactly but the syntax is different.
And yeah, unsafe blocks anywhere that rust would have complained
So it’s highly likely that the “rewrite” is exactly as reliable as the original.
(It sure feels like this was done for Anthropic marketing reasons, the more I think about it.)
FeepingCreature
2 days ago
> Can't help to think of a recent HN post about most AI-generated projects being abandoned within months. Why?
I'm gonna offer an alternate theory. Because AI-generated projects are so cheap, there's no need to amortize them by advertising and creating a community. It works for you, you don't change your workflow, so there's no need to expand it. In this model, most AI-generated projects are done within days, not abandoned.
hypfer
2 days ago
> Because value of a project is not in the code produced. It's in the amount of battle-testing that code has seen.
Rel: https://www.joelonsoftware.com/2000/04/06/things-you-should-...
mekoka
2 days ago
As entertaining as that article was when it came out, I think its apparent wisdom should have been reevaluated for at least the past two decades. Even back when it was written, its pertinence was questionable, since it hinged on the perception that written code has particular value, to justify much of the failures at Netscape and Borland, neglecting many of the other -- probably more relevant -- business and human factors that were at play within the two organizations and their surrounding ecosystems. But lessons learned from watching startups fail in trove in the following two decades have mooted many of Joel's arguments. With the vantage of hindsight, if you read JWZ's account of what went on at Netscape, some of the dysfunctions become glaring.
Making software projects successful has always been about a lot more than just writing code. People have been "rewriting code from scratch" successfully even before LLMs. We just don't tend to call it that. We call it "cloning", "competition", "copy", "alternative-to", "reverse-engineering", "x-written-in-language-y", etc.
Ygg2
2 days ago
It's funny, but I think the article is showing it's age. It's no longer true.
In hindsight having automated auto complete rewriting your code base wasn't something on 2000's radar.
Now switching from language to language is much easier. Just for Rust, there was Ladybird and Bun complete rewrite, that ran into zero things that Joel rallied about.
RetroTechie
2 days ago
> It's funny, but I think the article is showing it's age. It's no longer true.
Joel argues 2 effects:
# Developer & time-cost of a rewrite is a big unknown. That's still true, but LLMs may cut that down by a factor of 10x or more. You cut time & developer-hours by throwing tokens ($) at it. An optimist might say this cost has vanished.
# Shipping a rewritten product is -by itself- an unknown risk. That still holds. You can do all the testing you want, but your test suite != your clients environment(s? multiply by number of users or target platforms).
A single bug that pops up in the rewritten codebase (which wasn't in the old one) can hurt a vendor's reputation badly if the stars align just right.
All in all Joel's article held up pretty well (esp. given how long ago it was written).
Ygg2
2 days ago
> Developer & time-cost of a rewrite is a big unknown... An optimist might say this cost has vanished.
I wouldn't say it vanished. I'd say it moved from unknown to known. It's highly likely that for code the size of Bun the price is around 200k dollars of tokens + a month of programmers time to monitor it.
> Shipping a rewritten product is -by itself- an unknown risk. That still holds. You can do all the testing you want, but your test suite != your clients environment(s? multiply by number of users or target platforms).
Fair point.
That said, it seems the number of relevant platforms is shrinking. Both on the hardware side - x86_64 AMD, x86_64 Intel, and aarch64. On the OS side, you have Linux, Mac and the dying Windows.
Still, it seems with enough tests and original source code, you can limit this risk to a few edge cases.
> All in all Joel's article held up pretty well
Aside from the fact that it mostly applies to commercial endeavors[1], it still missed the mark on old code decaying over time.
Turns out being exposed to the Internet has a chance to turn even old code sour.
[1] If you don't care about your users, or you care more about pleasing/attracting new developers, then points made in his article don't make rewriting it that bad.
causal
2 days ago
I think it was always hyperbolic to call rewrites the single greatest mistake (I can think of worse) but I think most of the wisdom still holds. And AI generated rewrites are arguably riskier because now NOBODY is familiar with the massive codebase.
ksec
2 days ago
>I don't think Zig community should get triggered on any of this.
As far as I can tell No one from Zig community got triggered by this other than the Zig team. People were angry about Bun switching to Rust not because it is abandoning Zig, but this reckless behaviour of not letting users know up front, no migration path or two parallel version testing and basically trust AI on everything.
The internet was pretty much on Zig's side or at least between Bun and Zig they were Anti-Bun for a lot of things. That was until Zig's reply.
J_Shelby_J
2 days ago
Agreed. That seemed to be the consensus in /r/rust
Lerc
2 days ago
>Can't help to think of a recent HN post about most AI-generated projects being abandoned within months. Why?
Because most projects are abandoned within months. Why should they be any different in that respect?
pier25
2 days ago
> Are Bun users happy with this?
I've gone back to Node.
There was a poll on r/bun with about 2000 votes and only about 30% of users voting they were going to use the Rust version. Can't seem to find it now.
Edit:
The poll was deleted
https://www.reddit.com/r/bun/comments/1u3j4d7/are_you_going_...
mooreds
2 days ago
Yeah, I was just commenting on a LinkedIn post[0] (don't hate the player, hate the game :) ). In it, someone talked about the difference between creating software and owning it.
Creating software with AI is super easy--plan, prompt, test, go, go, go!
Owning software means you're responsible for maintaining it over time, fixing edge cases, operating it well, and more.
If you're building a one-off custom webapp to meet your needs, create away. If you're writing software for a business to run on, you're owning it. My fav article on this topic is this post[1] on durable vs disposable software.
0: https://www.linkedin.com/feed/update/urn:li:activity:7482123...
1: https://www.honeycomb.io/blog/disposable-code-is-here-to-sta...
simjnd
2 days ago
I don't think Zig community is triggered, I think only Zig's creator is triggered because he is afraid of people interpreting this as "Zig is unsuitable for X".
I think a lot of people will, but those who do probably weren't the target audience for Zig in the first place?
busterarm
2 days ago
Context matters. Big announcements and uninformed blog posts can kill your momentum.
I still remember the Twitter dev blog where they abandoned Ruby/Rails and the damage that did. It turned out Twitter was doing a lot of stupid things and there was a mismatch of tools and their goals. They loudly blamed the tools and people ate it up because Twitter was big, visible and adored at the time. Their conclusions bypassed most people’s ability to reason.
Anthropic/Bun are big, visible and adored…
diegoholiveira
2 days ago
I remember that. It was the first time I heard about Scala.
I saw a lot of RoR companies/users thinking “should we do the same?” without even realizing that they do not have the same twitter scalability problems.
busterarm
2 days ago
It didn't even end there at Twitter.
The same engineer at Twitter decided early on that no distributed messaging technology was good enough for Twitter, so they wrote their own. It fell over and they threw it away and wrote their own again. It fell over and they threw it away and now they use mainstream tools.
JetSetIlly
2 days ago
Similar to Discord's migration from Go to Rust. The measurements and reasons they gave were true but even by the time of the migration, Go had already moved on and improved. They were using an old version of Go.
Rust might be the right choice for Discord, I've no idea about that, but the problem is that the blog post lives on and influences people to this day.
user
2 days ago
joshgachnang
2 days ago
I've run into a bunch of segfaults in Bun whenever I went slightly off the beaten path, probably from the "horrifying" Zig code. A huge test suite + a clean rewrite with a path towards more safety is how I would go about it too, personally. Now whether I would do that rewrite in Zig or Rust, I'm not sure. But I have high hopes it's going to work a lot better, especially since Anthropic uses Bun heavily.
Are LLMs better at writing Rust than Zig? I'd assume so, there's way more Rust open source code than Zig. And if so, that's a very solid reason to switch IMO.
vga1
2 days ago
I think the mistake people are making currently is that they publicize stuff way too early. I.e. they make a prototype and then put that out there. Possibly with a full product page and all.
People did this also before LLM, but the difference is that now the prototype is a fully functional product in the technical sense whereas before it was little more than a glorified Hello World. The human effort and calendar time used remains roughly the same.
There's gonna be amazing products made with LLM, but it'll take some time. Not as long as it did before, but still significant time.
andsoitis
2 days ago
> There's gonna be amazing products made with LLM
You think more amazing than what was made without LLM?
vga1
2 days ago
There is going to be something that would not have existed without LLM because there wouldn't have been enough resources to create it before. Probably already is. Some of it will be amazing, although most of it probably not.
Example: Qobuz has no official Linux client, but there's https://qbz.lol/ which it seems to me is mostly vibecoded. It's not perfect, but it works pretty well and can do some fancy stuff like bit perfect DAC passthrough up to 192kHz/24bit.
andsoitis
a day ago
I hear you, and those are good applications of LLMs: create something that didn't make economic sense before.
But I'm asking something slightly different. I'm asking about something that's amazing, not due to a different economic calculus, but something that's AMAZING that would not be possible to create by humans.
arjie
2 days ago
> Because value of a project is not in the code produced. It's in the amount of battle-testing that code has seen.
No, this is a classic mistake. The value of a project is in the instantaneous utility it provides integrated over time. Some things are valuable because they are throwaway single shots that do a thing that's hard. In the past, making those was too costly for the value, but as software drops to near-zero in marginal cost they're worth doing.
e.g. the costco receipts site involves clicking through to view receipts and only 10 'view receipt' buttons per page. I might have stuck it out in the past, but instead I just described the problem to my claw-like and gave it my user/pass and it found it for me while I was dressing the baby. It wrote some Playwright code and this and that and drove the browser interactively.
That code is throwaway code but it was quite useful.
chuckadams
2 days ago
> To me it reads like Bun was forked. Will the Zig version survive? Will the Rust one? Both? All options ok.
Maintenance of the zig code was abandoned, while the port continued in the same repo, and it's unlikely any work on the zig branch will keep momentum. So yes it forked, but more in the fork+exec sense (or maybe just exec, the analogy's not that great).
ivanjermakov
2 days ago
According to Andrew, bun-zig is not something some brave soul would be eager to maintain.
> We became increasingly horrified at the programming practices we saw in Bun's codebase. Hacks on top of hacks. Abuse of assertions. Most of all, recklessly speeding past feature after feature with very little time taken for reflection and elimination of bugs and technical debt.
Just "1MLOC JavaScriptCore wrapper" is enough to figure out why.
chuckadams
2 days ago
How many lines of code is Node, which is a wrapper for v8? I'm aware bun is not great quality, I tried and abandoned it myself, but Andrew's consistently bitter and spiteful tone makes him the worst conveyor of his own message.
ivanjermakov
2 days ago
> How many lines of code is Node
src/ 143k
lib/ 127k
test/ 716k
deps/v8/ 3.6M
zem
2 days ago
I think the line is between AI-generated and AI-assisted - I have AI assisted projects that I have happily been developing for several months and they are going fine, I feel just as engaged with them as I did with my hand coded projects, but also I am more engaged insofar as I actively manage the architecture and the code, and see to it that the AI is following the plan I have in mind.
people chasing after "one shot" code certainly aren't helping, I agree.
UltraSane
2 days ago
This is why IBM still sells so much ancient z/OS mainframe code, things like CICS are the most tested code in existence.
pjmlp
a day ago
And you can even program for z/OS and Aix with Go and Rust.
https://www.ibm.com/products/open-enterprise-sdk-go-zos
https://www.ibm.com/products/open-sdk-for-rust-aix
This is the kind of industry support Zig is still years away to get, and in the AI age, most likely will never happen.
cactusplant7374
2 days ago
> Because value of a project is not in the code produced. It's in the amount of battle-testing that code has seen.
It is in the marketing. Most software engineers are not skilled at marketing, do not have a large audience, and are not willing to spend money on advertising. It has nothing to do with code quality.
hoppp
2 days ago
Its true about the battle test
I wonder if new version of Bun has the same emotional values in Jarred's mind, I mean he did write it by hand and struggled for a long time and invested a lot of energy.
Meanwhile the rust rewrite just magically appeared to replace it.
Which one is more valuable for a person? High Effort or low effort?
torginus
2 days ago
I don't even get what they gain by Rust - Bun imports Webkit, which is a C++ project, relying on it for stuff like JITing Javascript. I would say that's a major concern, and making sure the JIT doesn't emit anything broken or naughty is completely outside the scope of Rust.
saghm
2 days ago
I don't have a strong stance on the overall issue of whether it made sense for them to port like this, but I feel like this misunderstands the value proposition of Rust. The point of Rust is not and has never been "make literally everything safe", it's "push the unsafe boundary as low as possible and keep as much as possible above it so that you can reduce the surface area for unsafety and more easily find bugs in the unsafe code". For some things, that means you can rely only on unsafe code that's in the standard library implementation, which is awesome. For others, you might need to rely on FFI to interface with external libraries, and that's obviously less ideal but still provides tangible value. In the worst case, you might need to write unsafe Rust code yourself, but you can at least take efforts to minimize the surface area of it by wrapping it in safe abstractions that enforce the invariants you need to uphold safety.
The idea that "anything other then pure safe Rust is useless" is common (even among some Rust proponents, but generally not the most experienced ones), but it's a pretty fundamental misconception of what Rust actually offers. Safety is a spectrum, not a binary, and while the extreme end of "everything is guaranteed to be safe no matter what" is nice when you can get it, Rust is literally designed to solve the problem of giving you the ability to slide along the spectrum to calibrate to the most amount of safety you an achieve rather than being all-or-nothing.
If you still think there's no value in enforcing safety outside of the lowest level stuff like JIT, I'd suggest being more explicit about why you're confident that memory safety bugs wouldn't be a concern outside of those contexts. I've yet to hear an argument for why I shouldn't be concerned about memory unsafety in even relatively mundane code in memory unsafe languages that doesn't basically boil down to "just be really really careful", which I'd argue has been empircally shown to not work even a little bit no matter how skilled the programmers writing the code are.
the__alchemist
2 days ago
> Rust is not and has never been "make literally everything safe", it's "push the unsafe boundary as low as possible and keep as much as possible above it so that you can reduce the surface area for unsafety and more easily find bugs in the unsafe code".
Another definition: Rust is a lang to "Run fast and low-level software/firmware, with nicer tools, features, and syntax than the other langs which can do this"!
Obviously, the value proposition you find in this case depends on the subjective nature of that regarding rust vs zig!
saghm
2 days ago
I don't think I agree with this framing because "definition" implies comprehensiveness in a way that "here are some properties which may not cover everything that's relevant" does not. Your "definition" implicitly ignores the safety mechanism that Rust has and Zig lacks, which does a lot of rhetorical work into making it seem like the only difference is in "flavor" rather than "substance". My argument that there is a meaningful difference in substance, just not the one that the parent comment (and plenty of others) expected.
the__alchemist
2 days ago
Semantics on "definition".
"safety" is not why I use and love it. I brought this up because someone who hasn't used Rust, but reads about it may assume it's a "safe" language; I would describe it instead as a nice all-around language.
saghm
2 days ago
I don't know if I totally agree with your characterization here either. I'd argue that if you're not actively writing unsafe code, then you are using it as a safe language, in the same way that Python and Java are also safe languages. Yes, I also think it's a quite nice language, but safety is important enough that any time you're comparing a language that can be used safely to one that fundamentally can't enforce safety, framing the choice as purely ergonomic (even implicitly) is misleading.
woodruffw
2 days ago
I think their original post lays out the benefits pretty well. I think the realization of some of these benefits is debatable (for example, they probably could have made their existing Zig code faster), but others are straightforward (like having fewer crashes because more of your code is provably “safe” in Rust terms).
(I think wrapping a large, complex C/C++ codebase is where Rust often shines, if you build the right joiner abstractions. PyO3 is a really great example of that.)
lolinder
2 days ago
> making sure the JIT doesn't emit anything broken or naughty is completely outside the scope of Rust.
It's also outside the scope of the project if they're using Webkit's engine for that part. Which means Bun itself isn't a JIT, it's all the stuff built around the Webkit JIT, so whether or not Rust is useful for the JIT is entirely immaterial to the question of if Bun would benefit from Rust.
lyu07282
2 days ago
They listed some of the memory bugs they had in the blog post, I just looked at three of them, the first one was this:
> heap-use-after-free crash in node:zlib when calling .reset() on a zlib, Brotli, or Zstd stream while an async .write() is still in progress on the threadpool
https://github.com/spaceraccoon/vulnerability-spoiler-alert/...
If you look at the fix you can see its all in their zig codebase:
https://github.com/oven-sh/bun/commit/621c4016218bb782e05907...
What is kind of funny is that nodejs also had a basically identical bug with an almost identical fix:
https://github.com/spaceraccoon/vulnerability-spoiler-alert/... https://github.com/nodejs/node/commit/53bcd114b10021c4a883b0...
But now the interesting question, how does the code look like in Rust?
https://github.com/oven-sh/bun/blob/8f1a9540fdff25410506de76...
It has the same guard in place as the zig and c++ versions, the rust code also just calls into the zlib bindings after the "write in progress" check.
So in this case at least the same exact use-after-free would've happened and they don't win anything from the rust port.
Another one was this:
> crash and out-of-bounds read in Buffer#copy and Buffer#fill when a valueOf callback detaches or resizes the underlying ArrayBuffer during argument coercion
I think ths is the fix:
https://github.com/oven-sh/bun/commit/79522ab6c579736dc239fa...
But the bug here is in C++ bindings, Rust wouldn't have helped here either.
Last one:
> double-free crash in the CSS parser when background-clip had vendor prefixes and multi-layer backgrounds
Fix: https://github.com/oven-sh/bun/commit/912970c98437e418a95b6b...
Code side-by-side:
Rust: https://github.com/oven-sh/bun/blob/8f1a9540fdff25410506de76...
Zig: https://github.com/oven-sh/bun/blob/912970c98437e418a95b6b5b...
I can't judge the Zig code, perhaps someone could say if this was a "beginner" mistake.
But this is at least one case where Rust would've helped, although even that is a bit complicated considering stuff like bun_ptr:
// Lifetime-erasure helpers (RUST_PATTERNS.md §6/§18) — re-exported here so
// crates that already depend on `bun_collections` (logger, css, js_parser,
// crash_handler, watcher, http_types) can route the borrowck-dodge through
// one centralised `unsafe fn` instead of open-coding the lifetime cast.
pub use bun_ptr::{RawSlice, detach_lifetime, detach_ref};
Which is a bit concerning?deaton
2 days ago
I've always viewed unsafe Rust as a sort of last resort you use when you just can't do something safely. Porting something to "unsafe Rust" to me feels pointless, and of course this hasty rewrite was probably not the best idea from any perspective.
lolinder
2 days ago
If the end state were unsafe Rust, you'd be right, but that's explicitly not the intended end state. Unsafe Rust was the reachable first step. Now they have a Rust version and can iteratively remove `unsafe`, which they couldn't do before when it was in Zig.
selfmodruntime
2 days ago
It's the wrong abstraction though and I am kind of not surprised the Bun maintainers went way. The correct abstraction would be to translate into Rust while using `clone` and `copy` liberally and then iteratively converting to a borrowing model. Nowhere at all was an introduction of the `unsafe` keyword needed.
lolinder
2 days ago
That's only the correct abstraction if you intended to hold off on releasing the rewrite until you were completely finished, because there's no universe where Bun of all projects releases a production version that uses clone and copy liberally.
Unsafe in theory in a transliteration is only as unsafe as the original Zig was, which makes it a perfectly reasonable place to land as a transition point in a way that introducing large numbers of allocations simply isn't.
metoobruh
2 days ago
[flagged]
redwood
2 days ago
Of course the deeper points can be made that relatively few folks were actually using Bun. After all Bun was itself a faster horse compared to the dominant runtimes it was aiming too replace. Ironic, the way this whole meta conversation is playing out.
causal
2 days ago
That battle tested bit is so true, always was. It’s hard for engineers to admit their hard work is worthless until they have let other people use and shape it.
overgard
2 days ago
Honestly I also think most vibe-coded projects are just.. kind of bad ideas. Which is fine! It's good to be able to determine an idea is bad quickly, there's value in that, but I think people ignore a really important aspect of creativity: the insights you need to have a good idea come from struggling in the muck and struggling in the medium. It's really hard to have good ideas from an ivory tower, you need to get into the details.
waterTanuki
2 days ago
> Battle-tested, mature code > fresh rewrite.
> Existing Zig codebase has seen X amount of battle-testing. Rust rewrite: 0 (except -I'm assuming- passing test suites).
Not taking a side here in the whole Bun vs. ZSF dispute, but isn't the entire selling point of Rust that you get a bunch of battle-tested guarantees simply from compiling the program? Is there even a metric for battle-tested? I would say something like sqlite is battle tested vs a vibe-coded network server in c, but does that mean rewriting anything in rust truly mean starting all the way back at square one?
Also, didn't Anthropic roll out a version of CC using the Rust rewrite of bun? Surely they didn't just say "works on my machine" and chuck it into production?
naasking
2 days ago
> Can't help to think of a recent HN post about most AI-generated projects being abandoned within months. Why?
That which can be created with little effort can be dismissed with little fanfare, since it can easily be recreated later if there's a need.
The other category of AI abandonware is one-off stuff. It did its job and there's no further use for it.
CrimsonRain
2 days ago
That's such a bad take. You mention some good things they need to do but ignore the part that those are next steps and will take time.
You are acting like they need to complete everything at once...why?
Bun (rust) is not even released as stable yet and getting extensive usage on Claude code. They are making improvements and fixes. So what's the issue here?
TacticalCoder
2 days ago
> Can't help to think of a recent HN post about most AI-generated projects being abandoned within months. Why?
Because we have a near infinite number of artificial monkeys figuratively typing at a computer keyboard and, once in a while, they spout out something that looks like an acceptable program.
But it's not acceptable: it's sloppy-pasta.
> Because value of a project is not in the code produced. It's in the amount of battle-testing that code has seen.
Yeah. I don't know if we live in the same world as some other HNers: I pay not one but three AI subscriptions: Google (through Google Workspace), Open AI and Anthropic. I'm switching from Claude Code to pi.dev atm.
I'm using LLMs daily. The person next to me too.
LLMs produce shit code. Pure unadulterated shit.
They're extremely useful for many things, including finding bugs. But, to me, they simply suck at fixing them. They write horrible, verbose, code full of bogus assertions and cases that are not handled or not handled correctly.
I do verify the output they produce: the number of time it "works" but I look at the code and see sheer horrors and say stuff like this: "wait, if you replace A by B like you suggest, shouldn't thing X that A makes be done too?". (it's a rethorical question: I know I'm right).
"good catch".
No. It's not a good catch. It's a totally obvious catch that any programmer who's been in this since more a few years (a few decades for me) would catch instantly.
Now if there's one area were they're semi okay'ish is for porting code from one language to another. At least you get a base to start from: if you're lucky. And I suspect it's only looks good if you don't know much about the target language.
Also don't be fooled: we're talking about a company with tens of billions investments that fully knows AI is not enough. You can be sure there are countless programmers fixing, behind the scene, the sheer mess that their AI (with unlimited budget btw) is creating. And then they pretend it's a 100% automated AI rewrite.
AI is not only definitely not enough: it's useful for finding bugs, it's a good rubber duck, but the more and more time passes, the more I'm appalled by the shit code it produces and by the errors they make all the time.
If I wanted to be facetious I'd say that at least we're already --how things moves fast-- long past the point were the kool-aid drinkers explain to us that these thing are intelligent.
It's summer 2026 and, as I type this, the SOTA models all suck at writing code.
Am I still deep into it? Sure am. For basically everything but coding (finding bugs, documentation, translation, generating assets, automating dumb stuff, ...).
Oh well, going back to pi.dev facepalming myself and rolling eyes. I know it's going to be "good".
stellamariesays
2 days ago
[flagged]
getpokedagain
2 days ago
It's more than just the battle testing. Things that are not wanted by a community or by users are not important. AI delusion memes are fairly reductive but a commonality I see in many overtly ai evangelistic groups is an urge to build without motivation and agreement. The yes we can answer AI gives to user's every question is a failure mode trigger. LLMs are missing the filter an engineer with a human body may give you to an idea...
- Why would we do that?
- This seems pointless.
- This is fucking dumb.
criley2
2 days ago
Totally disagree that the value of a project is it's durability. The value of the project is almost entirely disconnected from durability. Value is simply the ability to solve a problem for you. I'll use a bad screwdriver before I use my fingers, even if I prefer good screwdrivers.
Claude Code was a vibe coded experiment, a "what if", that basically consumed software engineering in six months flat. Not because it's durable (it's not), but because the value it provided was so overwhelming.
People will use bad software if the value it provides is high. People will avoid the most durable and battle-tested software ever written if it doesn't actually provide value (solve a problem for them).
cavoirom
2 days ago
I guess the Rust rewrite is the exit path of the Bun's author so that the others could "handle" the code base.
jgalt212
2 days ago
> How is that better than the Zig codebase you started with?
It's not better, it's worse given the average bear's assumption about a rust project.
piokoch
2 days ago
"How is that better than the Zig codebase you started with?" - It will be worst, as this will not be idiomatic Rust. That's kind of interesting, BTW, as in next iteration LLM will be trained on tones of crappy code, created as some random rewrites, AI slops, etc., I am curious if someone will be able to curate this or it will be the same process of crapification experienced by Google Search that finally lost the battle with SEO spammers.
selfmodruntime
2 days ago
> How is that better than the Zig codebase you started with?
It's worse, and I say this as an avid Rust fan and programmer. Try Miri with the new Bun project. It's currently blowing up. The Rust compiler's non-unsafe aliasing rules still need to hold during unsafe, which are far more complex than writing correct Zig code. That's the trade-off about Rust: The compiler has a ton of clever proofs for safe code, but if you're on your own, you'll have to do the work yourself.