Christian Beaumont

Breaking: Sama on the stand Musk v. Altman "I was thinking of running for Governor at the time" Replying to the lawyer's question about Sama wanting to be president

uv has 350k lines of Rust, and 73 "unsafe" calls. The Bun Rust port is already 681k lines of Rust, and has over 13,000 "unsafe" calls.

It's not a question anymore, most of Zig's best features were designed for human ergonomics, which matters less now All of Rust's best features came at the cost of added verbosity, which applies less to agents because they have superhuman working memory and never get tired

When I mentioned that bun has more crashes than deno & node because of zig I got banned by Jarred. But finally people start getting that having compiler enforce your safety even in 95% of cases is actually amazing and it’s worth basically any suffering of a borrow checker.

Microsoft is investigating mistralai PyPI package v2.4.6 compromise. Attackers injected code in mistralai/client/__init__.py that executes on import, downloads hxxps://83[.]142[.]209[.]194/transformers.pyz to /tmp/transformers.pyz, and launches a second-stage payload on Linux. The file name transformers.pyz appears deliberately chosen to mimic the widely used Hugging Face Transformers library and blend into ML/dev environments. The main payload is a credential stealer, but it also includes country-aware logic; it avoids Russian-language environments and contains a geo fenced destructive branch that has 1-in-6 chance of executing rm -rf / when the system appears to be in Israel or Iran. To mitigate this threat: isolate affected Linux hosts, block 83[.]142[.]209[.]194, hunt for /tmp/transformers.pyz, pgmonitor[.]py, and pgsql-monitor.service, and rotate exposed credentials.

Unfortunately, I don't use Zig now. Every 1.5-5x human DX productivity boost from Zig features is eclipsed by the 100x boost from coding agents writing Rust: Allocator interface: This is my favorite Zig feature, you feel so galaxy brain using a specialized allocator to optimize a code path (e.g. arena, stack fallback etc). The problem in Rust used to be that there was no Allocator interface equivalent and if you wanted a Vec that used a custom allocator you literally had to copy+paste the std version and modify it to use it (this is what Bumpalo did, look at the source). For a long while now there has been an Allocator trait in nightly, and it seems to be good now. Because it is a trait it is static dispatch, vs Zig's which is based on a vtable. Unlike Zig there isn't a community-wide convention of designing data structures to be parametric based on the allocator, but AI changes the game and makes it trivially to copy paste code and change that. I find it works well enough for my use-case. Arbitrary bit width integers + packed structs: Another beloved Zig feature of mine. It makes it so easy to do DOD-style CPU cache optimizations and stuff like tagged pointers, NaN boxing, etc. and even made bitflags really easy to make. You could always do this in Rust or any systems programming language but it was really ugly/unergonomic. The least worst option was using some crate like bitfield/bitflags which both rely on proc macro magic to work. Now, with coding agents I literally do not care how annoying it is to write the code by hand. Comptime: This is Zig's flashiest feature, no other programming language except maybe for obscure dependent-types langs have compile time evaluation as nice as Zig's. I thought I would miss it a lot, but I actually don't. For me, 95% of comptime usage is to create Zig's version of generic data structures with parametric types. Rust has a better designed type system IMO (see next section). In the remaining 5% of cases, not having comptime sucks. The only reliable way to reach an equivalent is through codegen. I'm making a game right now, and I have hardcoded hitbox geometry data generated from a tool that I want to bake into a data structure. Without comptime, I have to get Claude to write a script that generates the Rust file. However, I don't find myself needing compile time evaluation that much anyway. Rust's type system: I think I'd rather trade having comptime for Rust's better-designed type system, especially for bounded polymorphism (traits/typeclasses). Trying to do the equivalent in Zig is a nightmare. Also, I think that Rust's type system allows you to enforce more variants and prevent coding agents from making common mistakes. In my game I use the euclid crate which essentially allows you to not mix up coordinate spaces (very common problem in graphics programming) by creating specialized types for each coordinate space (e.g. Point or Point) Not having to deal with memory issues: With coding agents allowing 100x more code to be written, this also means you need to scrutinize 100x more Zig code for memory issues. Without formal verification, the surface area of the search space to enumerate to find bugs is just so much larger now. With the magnitude of code being generated now, Rust is even more attractive. Rust's tradeoff was always that it hinders developer productivity especially if you are unfamiliar with borrow checker, but this simply does not matter with coding agents anymore. And if you do use unsafe in Rust there's tools like miri which you can have the coding agent run the code against to make sure it doesn't cause UB or isn't violating Rust's aliasing rules when it comes to unsafe. I still miss writing Zig and find it to be a great language but I like Rust more and coding agents work with better with it.

At my company we stopped doing code reviews. There's no point now