People are paid to work on standard libraries and there’s a whole process behind... | Hacker News

Hacker Newsnew | past | comments | ask | show | jobs | submit

		blub 84 days ago \| parent \| context \| favorite \| on: Rust’s dependencies are starting to worry me People are paid to work on standard libraries and there’s a whole process behind developing and releasing this software. Tokio on the other hand is the library whose maintainer decided to download a binary blob during build: https://github.com/tokio-rs/prost/issues/562 https://github.com/tokio-rs/prost/issues/575 Good luck catching such issues across dozens of crates.

simonask 84 days ago [–]

The issue you linked is a perfect example in support of my argument. Lots of people noticed the problem, and it was quickly rectified.

Consider applying for YC's Fall 2025 batch! Applications are open till Aug 4
Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact