Comment by nicce
15 hours ago
Odd take. Bun was not an option for me because of Zig. There was no security. Issue tracker has 3000 issues about segfaults. Now I might actually reconsider.
> There was no security
>1M lines of un-reviewed code are secure?
Comment was more like pick your poison. Eventually it gets reviewed if they are serious. Old version had no future for serious production anytime soon. This might get there.
> Eventually it gets reviewed if they are serious.
So they just merged it for fun in the meantime? Hope we find out if they're serious soon.
I don't believe you actually think it's odd to not want to run unreviewed code in prod. I accept that you might disagree, but I don't believe this is a take you haven't heard a million times before.
Usually it is about trust. A lot of code is reviewed, but is the reviewer good enough to spot all the issues? Do you trust the reviewer? Usually the trust comes from the ability to see the code yourself or from high trust in the existing reviewer. Code is open, it is there, and Bun is a major project which will attract many eyes, and big issues will be sorted very quickly.
I did not mean that I would use it immediately, right now. But it eventually gets there much sooner than Zig, because "compiler" is one sort of reviewer that mitigates many memory safety issues.
So, my point is that in a very short time, this has much more potential than Zig had, because the compiler is a very strong reviewer for the specific kind of issues which were plaguing the old implementation.