that’s really not true when the database is all in memory, statements are prepared, and so on.
but the overheads also stack up, the database/sql api is fairly allocation heavy too unless you do a lot of work and that friction increases quite a bit with the ffi boundary.
this is not to suggest “modernc is faster” - it’s not for a lot a workloads.
there are opportunities for optimization all over both approaches.
> Look at the Railway GCP account ban situation. A literally billion dollar startup running on Google Cloud and Google just randomly snaps their fingers and deletes their account. Zero warning. No phone number to call. No account rep. Poof. Gone. It is actual insanity to me. A billion dollar customer gets the exact same automated middle finger as a low effort spam bot. Your B2B business is completely cooked if that is how you treat people. The enterprise cloud gravy train is right there and Google is standing on the tracks begging to get hit by the train.
If you've been around a while you know that at any business critical scale at all you establish a relationship with your cloud provider and get an account manager. When you do this, you have a number to call.
A billion dollar startup not doing this is a keen lesson for the CTO.
Yes, Google likely screwed up here, but being unprepared for account problems, having no established relationship with your provider is a critical mistake.
The article goes on to talk about Hetzner as an example: their pricing is great for individuals but they literally don't even offer account management relationships - even at scale they actively refuse them. There are equivalent stories of account terminations with Hetzner, which is also a key point: this isn't just a big business problem, at all.
subtree is better for this case, you want to encourage actual reading before running. reading won't catch everything but it catches a lot, and the burden isn't as high as people always complain about before they try it.
nope, doesn't help. signatures and removal of script points have zero net effect on the value of the target that the ecosystem has, or how easy/hard it is to write a worm. the package code gets run, this is statistically true, and the exploited developers/environments will sign packages, this is also statistically true.
install scripts are a distraction, just like package signatures are a distraction. adding/removing either feature has no significant impact on the wormability of this package ecosystem. installed npm code is run, with nearly zero exceptions.
Zircon is still under development with recent RFC's extending the memory synchronization and attribution model for processes.
There was also more extension added to one of the key disk formats in March which has an eye to more flexible long term evolution and adaptation to particular device form factors.
The publicly available evidence does nothing to support your claims, entirely the opposite.
I used to work on Fuchsia, I have not for many years now and have no idea what their current roadmap looks like, but I do know where to actually look up what's been done recently, which is all public and you could do as well.
Anyway I have no idea if this has any fuchsia code in it.
A vast number of C++ programs import C and POSIX headers directly, so the language level distinction you wish to make isn’t all that relevant to the subject matter.
there are no good reasons we don't do this in the standards themselves, C, C++, and POSIX should all be working on editions that add safer APIs and mark unsafe APIs as deprecated, to start a long term migration. we know how to do this, we've had a lot of success with this. there are real engineering concerns, sure, but they're not reasons to not do it. compilers and library chains can retain support for less safe variants for plenty of time.
Lawyers I have spoken to have stated strongly that they believe collective works doctrine will provide strong protections for most mature and sizable software. I see no mention of these considerations here.
Cachy pushed a Limine update last weekend without any testing.
It broke everyone with secure boot signing.
Head proton versions are great, but games tend to turn into a laggy mess after a couple of hours and need regular restarts.
It's decent, but it's not all roses at all, and I wouldn't inflict it on non-techies yet.