Rust libz blitz!

briansmith · 2017-06-20T00:23:33.823Z

I think it would make more sense to stabilize a new version of rand with a much simpler API like ring’s and the implementation details from ring (e.g. the feature flag to turn off the fallback to /dev/urandom for facilitating sandboxing that blocks file I/O syscalls).

There are lots of things that you could do in libstd that could be done in Rust, which currently require C/asm in ring because of the lack of stable (proper) access to syscalls and RDRAND/RDSEED in stable Rust, which is what ring targets.

In other words, I’m not proposing that ring be the replacement for rand, but rand’s API should be fixed to be closer to ring’s than its current API.

briansmith · 2017-06-20T00:51:08.345Z

1.0 is partly marketing and partly about some kind of commitment to a stable API.

As far as marketing goes, I’ve debated releasing 1.0, 2.0, 3.0, etc. instead of 0.6, 0.7, 0.8, etc. but it doesn’t matter enough for me to bother with.

As far as the API stability goes, I know there will be more breaking changes (e.g. the AEAD API) this summer (I hope) but I’ve not considered trying to finalize any part of the API. Especially there are some parts of the API that would change if/when things like const fn and statics in constant position (e.g. x: [u8 ; ring::digest::SHA256::output_len];) were/are added to the language.

Regarding some things that are in the API guidelines, like the capitalization requirements for SHA256 vs Sha256, I’d like to see some evidence showing that those things actually have a significant positive difference vs. being over- or wrongly- specified before I make changes like that.

KodrAus · 2017-06-20T01:16:20.490Z

@brson I’m happy to pick up same-file, since we’ve already been over it a bit in the walkdir evaluation

brson · 2017-06-26T21:26:12.171Z

KodrAus:

@brson I’m happy to pick up same-file, since we’ve already been over it a bit in the walkdir evaluation

Awesome. It’s yours! You can just run it in the same way as the previous one.

This week I am at a Mozilla all-hands and won’t have much time to devote directly to this, but next I’ll make sure we get some more evaluations underway.

brson · 2017-06-26T21:27:41.208Z

Thanks for the feedback @briansmith. I’ll try to incorporate it into the rand evaluation, and to solicit more of your advice when it gets underway.

KodrAus · 2017-06-28T07:33:53.251Z

I’ve started a topic for same-file.

I thought it was still worth time-boxing the evaluation component even though there isn’t a libs meeting. I gave it 2 weeks from today, but am happy to change or remove that.

budziq · 2017-06-29T14:44:24.788Z

As we are quite low on actionable example ideas in cookbook. I was thinking about adding some:

from stdlib misc ideas
future evaluations
out of band crates

But some crates have pretty awesome tutorials/cookbooks by them selves like csv does. What would be the approach for such crates?

KodrAus · 2017-06-29T22:52:12.108Z

brson:

Done. The way I did it was to click the “…” at the bottom of the post, then the wrench icon, then “make wiki”.

Looks like I haven’t got permission to make the same-file OP a wiki. No wrench icon produced by expanding the ... for me

burntsushi · 2017-06-29T23:28:43.485Z

I don’t pretend to know the inner workings of Discourse, but I used my powers to make it a wiki.

brson · 2017-06-30T21:48:56.677Z

budziq:

But some crates have pretty awesome tutorials/cookbooks by them selves like csv does. What would be the approach for such crates?

I think we can steal them, with the authors’ permissions!

brson · 2017-06-30T21:49:31.727Z

Thanks @KodrAus!

@budziq, yes please, begin creating more recipe ideas.

brson · 2017-06-30T22:17:24.915Z

Argh, it looks like I missed the status update last week again, and I’m not going to get it done today. Sorry for falling behind, but I will catch up next week. Thank you so much @KodrAus, @budziq, and @burntsushi for keeping things moving

Next week I will endeavor to catch up on reviews, open the rand evaluation, resolve a number of guidelines issues, and close out some of the early evaluations with version bumps and releases.

It came to my attention recently that CC0 would be more a more appropriate license for the cookbook, so I filed an issue against it: https://github.com/brson/rust-cookbook/issues/209

budziq · 2017-07-01T18:05:05.832Z

brson:

t came to my attention recently that CC0 would be more a more appropriate license for the cookbook, so I filed an issue against it: https://github.com/brson/rust-cookbook/issues/209

I’ve prepared a PR but IANAL so I would appreciate someone looking into it prior to merging

bstrie · 2017-07-02T02:28:21.000Z

Howdy Brian, I’ve at last convinced my RNG-expert friend to start concretely listing his discontents with the current rand lib and coding up some prototypes of alternatives. Feel free to keep the rand review scheduled for 7/25, hopefully we’ll have something more to chew on by this week.

budziq · 2017-07-04T11:46:49.904Z

brson:

I think we can steal them, with the authors’ permissions!

@burntsushi would you stand some larceny ? The examples in csv cookbook are excellent and would nicely complement the rust-cookbook.

burntsushi · 2017-07-04T12:02:57.110Z

Oh yes of course! I liked @brson’s comment. I think having the examples in both places is probably quite valuable!

budziq · 2017-07-04T12:15:42.536Z

Thanks! I’ll try to revitalize rust-cookbook in upcoming days. Sorry I didn’t catch the like.

brson · 2017-07-05T22:55:45.858Z

budziq:

but IANAL so I would appreciate someone looking into it prior to merging

@budziq Yeah, I’ll follow up on this. We’re going to need to put some effort into it to get people to relicense.

bstrie:

Howdy Brian, I’ve at last convinced my RNG-expert friend to start concretely listing his discontents with the current rand lib and coding up some prototypes of alternatives. Feel free to keep the rand review scheduled for 7/25, hopefully we’ll have something more to chew on by this week.

@bstrie I’ve spoken with @bhickey a bit and encouraged them to participate in the upcoming showdown.

I’ve signed myself up to lead the rand evaluation and will open it … Friday I think.

I also added toml to the desired out-of-band evaluations after an unsatisfying experience trying to lead somebody through the docs over the weekend. I intend to solicit more help leading these evaluations to the twir call for participation, but am still agonizing over the difficulty of motivating crate leads (thanks so much @KodrAus ). I think it’s a pretty intimidating process but it’s actually really simple to e.g. go over the toml crate and make a list of documentation remediations.

I’m triaging now to create a status report.

Edit: I made a desperate plea to twir.

brson · 2017-07-06T01:50:00.468Z

One of the last blockers on lazy_static is to add CI badges. During the last few reviews though we’ve not been too keen about the imprecision of these badges though, and @dtolnay and I even plan to remove the recommendation from the guidelines. I’m inclined to close this issue. Any opinions?

KodrAus · 2017-07-06T01:55:38.924Z

brson:

I think it’s a pretty intimidating process but it’s actually really simple to e.g. go over the toml crate and make a list of documentation remediations.

brson:

Edit: I made a desperate plea to twir.

I’ll put together a quick post on reddit on my experience with libz blitz (which has been very positive) to try encourage people to get involved, because it does look official and daunting.

IMO, running an evaluation doesn’t mean having to know everything, and the libs team / crate authors aren’t antagonistic actors. Everyone is helpful and wants the process to succeed. I do think there’s a degree of mentoring the libs team would need to commit to when someone first picks up an evaluation, but I’ve already found that to be the case.