Rust

cross-posted from: https://lemmy.world/post/17984566

Hi all,

mpv communities seem to be tiny in lemmy, so I'm sharing it here.

This is a program I made for music control from local network.

You can run it in a computer with some local media files, or youtube links or any other links yt-dlp supports. And then with the server, you can control the media player and the playlist from any devices in your local network. So that you can just show a QR code or something to house guests for parties, or have it bookmarked within family to control the music.

I wanted to make something similar to how youtube app let's you play in TV and such, but my skills were not enough to do that. So I tried a simple alternative that works with computers. In an ideal world, I could make "Play with local mpv server" option come while on other android apps, but I have zero experience in android app development and it looks complicated.

I know some other programs also give option to control media, but I wanted to give it a go with a simple implementation. Making the web-server was a tricky part. Only tutorial from the rust book was useful here as every other web server developement in rust seems to be async ones using libraries so I would have to make a complicated system to communicate with the mpv. Using the simple Tcp connection let me make a thread with mpv instance in the scope. I do need to support https and file uploads and other things, but I haven't had any luck finding a solution that works with simple Tcp connection like in the tutorial. Let me know if you know anything.

Github: https://github.com/Atreyagaurav/local-mpv

Many devs dream of one day writing their own operating system. Ideally in their favorite language: Rust. For many of us, this dream remains just that: a dream.

Jeremy Soller from System76, however, didn't just contribute kernel code for Pop!_OS, but also started his own operating system, RedoxOS, which is completely written in Rust. One might get the impression that he likes to tinker with low-level code!

In this episode of Rust in Production, Jeremy talks about his journey. From getting hired as a kernel developer at Denver-based company System76 after looking at the job ad for 1 month and finally applying, to being the maintainer of not one but two operating systems, additional system tools, and the Rust-based Cosmic desktop. We'll talk about why it's hard to write correct C code even for exceptional developers like Jeremy and why Rust is so great for refactoring and sharing code across different levels of abstraction.

Listen to Rust in Production Podcast S02 E07

• Comparison with other Rust datetime crates
• Why build another datetime library?
• Why not contribute to an existing library instead of building a new one?

Pretty much the title. For those who use LLMs for learning or writing rust code, claude is much better at it, based on my experience.

Hi friends, Not sure whether this little tool could be of use to anyone here, but I thought it might be interesting to share.

I was running into problems on my VPS due to high-memory usage, which led to my email server going down with all the consequences that come with it. I tried using Grafana Agent to monitor the server's state, but with 2GB memory, the tool's footprint was creating more problems than anything else, so I reinvented my own, square, low-memory footprint, wheels.

Cheers everyone.

cross-posted from: https://lemmy.ml/post/18162485

This would entail:

• Pulling in the ClearUrls rules as a git submodule.
• Reading / transforming the json there into Rust structs.
• Creating a Rust crate that runs a .clean(input_url) -> String

Lemmy issue: https://github.com/LemmyNet/lemmy/issues/4905

• Added type diesel_async::pooled_connection::mobc::PooledConnection
• MySQL/MariaDB now use CLIENT_FOUND_ROWS capability to allow consistent behaviour with PostgreSQL regarding return value of UPDATe commands.
• The minimal supported rust version is now 1.78.0
• Add a SyncConnectionWrapper type that turns a sync connection into an async one. This enables SQLite support for diesel-async
• Add support for diesel::connection::Instrumentation to support logging and other instrumentation for any of the provided connection impls.
• Bump minimal supported mysql_async version to 0.34

A special thanks goes to @momobel and Wattsense for contributing the SyncConnectionWrapper implementation.

To support future development efforts, please consider sponsoring me on GitHub.

Full Changelog: v0.4.0...v0.5.0

I hope this slightly off-topic post is ok here. Today the Fediverse Canvas 2024 event begun and I thought it would be nice to add Ferris to the canvas. I started with a couple of pixels, but after a while I got distracted with other things. When I came back, I found that some of you have already finished it 🦀

Btw. Ferris sits on top of the Godot logo (bottom and slightly right).

Hi rustaceans! What are you working on this week? Did you discover something new, you want to share?

Hi all,

ref: https://programming.dev/post/16349359

I agree with all the criticism about the author, the intentions, and the points in the article, expressed in the ref. thread. I also think the author highlights a serious issue (if we leave "selling the book", cheap criticism, and sensationalism aside). While nothing new for most developers, the article has spawned a personal rabbit hole of discovery, starting from supply chain attacks.

I am still very early in my process of learning Rust (still reading The Book) and self-taught software engineering in general, and the journey the article has spawned was very educational to me. I've learned about securing software and being mindful across the whole SDLC[1], AppSec, DevSec, OWASP, SLSA[2] Socket[3], GitHub Advanced Security, and many more tools and guidelines. Last of which is RustSec[4]. Which quenched my thirst and closed that personal rabbit hole. It has opened a different can of worms though.

While endemic to any non-monolithic ecosystem and only part of the "big security picture", supply chain is possibly the major player across the spectrum. Comparable to "the legacy issue" of stagnating systems and infrastructures, open to exploits as old as the Sun.

Now, while I am aware that security is a process, not a product and that this is easier said than done: I wonder if tools like RustSec should be embraced at the foundational level and made a "mandatory best practice". RustSec tools integrate with an up to date security advisory database and Cargo. They can also be deployed as GitHub Actions.

Because I am sure this is not all roses: I agree that (for example) dependabot is seen as a major annoyance more than a useful tools for a number of reasons, and that RustSec could spark the same kind of thoughts. However, it could be a great stepping stone of the security process.

I am aware I may be being too idealistic here, but the process has to start from somewhere and stagnating on "dogmas" ain't helping either.

Please be kind in your replies.

Cheers

[1] https://www.youtube.com/watch?v=hDvz8KivY_U [2] https://slsa.dev [3] https://socket.dev [4] https://rustsec.org

We finally were able to finish the sync with the Rust compiler and now support the types f16 and f128!

I had a lot of stuff going on lately in my private life, so I wasn't able to work as much as I wanted on rustc_codegen_gcc. Hopefully, it should be back to normal after my vacation.

It's less than two weeks until our next Rust and NixOS meetup in Mannheim, Germany. We're meeting on the 16th of July at the Mafinex technology center close to the main station. If you want to join us, please sign up for the event on Mobilizon (no account required) or Meetup.com.

https://rheinneckar.events/events/9d740b89-7713-4e19-a112-45aff1670f0f

https://www.meetup.com/hackschool-rhein-neckar/events/301504325/

As first talk, we will hear Andre Dossinger on "Using NixOS for Pragmatical Self-hosting", where he will show us how NixOS can be used in a problem oriented manner to preserve privacy and make complex setups manageable. Questions and discussions are highly encouraged!

Then, we will hear Benjamin Sparks on "Reading from Streams and Writing to Sinks" using Rust and Tokio, with a focus on low runtime overhead, safe buffer management, and robust error handling. He will show us the types and traits Tokio leverages to efficiently decode bytes and encode structured data in a type-safe manner is presented, and give us a practical demonstration of codecs for two different protocols.

Finally, Stefan Machmeier of the EMCL at Heidelberg University will give us an introduction to Nix Flakes, the experimental dependency management system built into Nix since version 2.4 that can be used for reusable Nix libraries as well as your own Nix packages and NixOS configurations.

The talks will be recorded and uploaded after the meetup.

July 2, 2024

Sylvain Kerkour writes:

Rust adoption is stagnating not because it's missing some feature pushed by programming language theory enthusiasts, but because of a lack of focus on solving the practical problems that developers are facing every day.

... no company outside of AWS is making SDKs for Rust ... it has no official HTTP library.

As a result of Rust's lack of official packages, even its core infrastructure components need to import hundreds of third-party crates.

• cargo imports over 400 crates.

• crates.io has over 500 transitive dependencies.

...the offical libsignal (from the Signal messaging app) uses 500 third-party packages.

... what is really inside these packages. It has been found last month that among the 999 most popular packages on crates.io, the content of around 20% of these doesn't even match the content of their Git repository.

...how I would do it (there may be better ways):

A stdx (for std eXtended) under the rust-lang organization containing the most-needed packages. ... to make it secure: all packages in stdx can only import packages from std or stdx. No third-party imports. No supply-chain risks.

[stdx packages to include, among others]:

gzip, hex, http, json, net, rand

Read Rust has a HUGE supply chain security problem

Submitter's note:

I find the author's writing style immature, sensationalist, and tiresome, but they raise a number of what appear to be solid points, some of which are highlighted above.

Hi rustaceans! What are you working on this week? Did you discover something new, you want to share?