4 comments

  • vitaminCPP 1 hour ago
    I've read somewhere that the longer-term goal is to move the build system into a WebAssembly VM. If so, this is incredible.
    • jswny 1 hour ago
      What’s the advantage of that for building?
      • himata4113 1 hour ago
        sandboxing, which feels a weird way to achieve that. Although the reason for it to begin with is because builds systems can typically access raw memory and disable artificial restrictions.

        I think this is a bad move since the real fix to these attacks is a sandboxed environment rather than a single tool implementing sandboxing.

        • insanitybit 20 minutes ago
          These are not mutually exclusive, and one makes the other better. "Whole process" sandboxing has always been far worse than native sandboxing because when the devs writing the software design the software to be sandboxed they can achieve far more fine grained permissions. Similarly, "whole environment" sandboxes are the absolute worst - they're the least fine grained possible.

          The benefit of "whole environment" is that if you stuff everything into that environment then anything in it is confined, but it's all confined with everything stuffed in and is sort of maximally capable. You can rarely do things are significant as, say, system call filtering, because all software in the environment must continue to work and none of it was designed with that in mind.

          Native sandboxing like this will likely make auditing much easier as well. If a dependency requires something like "give me the ability to execute code on the OS", now it has to ask for it and now it gets additional scrutiny.

          Native sandboxing is and always will be the infinitely superior method when it's actually used. Whole process/ Environment is only what we use because of how rare native sandboxing is.

        • cornstalks 52 minutes ago
          How would you do it, then? Sandboxing a project's build.zig via Wasm (and the various dependencies's build.zig files) seems like a great improvement to me and is how I would personally try to sandbox the build process.
          • afdbcreid 35 minutes ago
            I don't know what build.zig commonly does, but in Rust build.rs often does things like compiling C/C++ libraries, so you can't sandbox it with WASM (contrary to proc macros, which most of the times can be compiled to WASM and there were/are efforts for that). How does Zig fare with that?
            • insanitybit 16 minutes ago
              Even if they end up with a "this dependency can execute arbitrary code" it'll be a huge win because that will be an explicit grant to that dependency. You'll be able to know "which of my dependencies execute arbitrary code?" and encourage most of them not to. In rust, you can know this but it's going to be "basically all of my dependencies can do it" because somewhere they'll use a build script/ proc macro.

              I don't know Zig's plan, but once you have the ability to broker privileges like this you have the ability to audit the privileges being brokered and things change forever.

          • himata4113 47 minutes ago
            Use containerized development systems: bwrap (my favorite), devcontainers.json, isolated server, anything really. You can't protect yourself against malicious vscode extensions with a zig build system sandbox.
  • nesarkvechnep 2 hours ago
    Development of Zig feels so wholesome.
    • SwellJoe 2 hours ago
      The thing about Zig in these times is that it proves that software development as a craft is not dead or replaced by LLMs.

      Even though I use LLMs every day, and have to admit they're remarkably good at many classes of problem, I don't want a programming language built by an LLM. Every line of code in a programming language, every decision, every trade off, matters. A vibe-designed/vibe-coded programming language would be a disaster. I don't know how else to put it, and I've never seen any model produce code that would convince me otherwise (even Fable, which is, in fact, a notable improvement over the prior best models). The models don't want anything. They don't have meaningful opinions. They don't know what comfortable vs. uncomfortable feels like in a language (or in a GUI or CLI interface at sufficient levels of complexity).

      You can't get a language like Zig out of an LLM without simply copying Zig, and even then it would be a copy that is worse. (I mean, I'm assuming "copy with an LLM" means, "have an LLM write the spec and another build the language to the spec", not literally `cp` the source tree.)

      • ChrisGreenHeur 2 hours ago
        Sure a human would write the language spec and the llm implement it
        • foltik 51 minutes ago
          Such a spec would never survive contact with reality. Maybe a human could stumble their way through iterating on it with the help of an LLM, but with current models you’re going to end up with nothing but a steaming pile of garbage. Not Zig.
    • edoceo 2 hours ago
      It's kinda fun to build with too. Making a bootloader, doing some UEFI things. Much easier (for me) than when trying with C. But also, new&shiny and learning is fun - increases my bias.
  • malkia 1 hour ago
    Everytime I see a language creating their own package system, all I can think of it how much we've missed here.

    The only exception is C/C++, where there is none established that well, for good or bad.

    These choices may create later super-convoluted processes when you have to mix more than one language together.

    Packaging systems makes thing easy, but complicate further the line if another language needs to be used.

    • afdbcreid 33 minutes ago
      What do you think we've missed? Do you want one build systems for all languages? There are such systems (e.g. Bazel) and they're often used for multi-languages projects, but I think reality has proven that build systems with language-specific knowledge are much easier to navigate.
    • forrestthewoods 1 hour ago
      The world has yet to standardize on a good crossplatform polyglot build system.

      The only real such build systems are Buck and Bazel. But they have way too much baggage from their overlords.

      It’s a shame.

      • arikrahman 49 minutes ago
        Zig is pretty good for my use case. It may not be fully pollyglot at a technical level, but I can use it for my embedded C use case, for Jank to export the .cpp to other platforms, and thereby Clojure.
      • himata4113 59 minutes ago
        build systems using llvm as the backend are getting there, but zig is making their own compiler too.
  • arikrahman 52 minutes ago
    A very well-reasoned separation of concerns.