Which is written in C/C++. Showing that Zig is not moving the needle on UB when a project becomes sufficiently complex.

Take a look at Deno and check the percentage coming from FFI with unsafe languages.

https://github.com/denoland/deno/issues?q=Segfault

People keep thinking that even though Microsoft, Apple, Google, etc. with all the incentive and tooling in the world couldn't evade one of the few replicable results in programming languages (people can't reliably write memory safe code in memory unsafe languages), somehow with Zig it will be different. It's honestly a pretty fascinating phenomenon to me because most of these people are smart, and some of them are even ostensibly in the security community.

▲

lyu07282 3 days ago | parent | next [-]

We have language groupies now, like how teenagers have their favourite k-pop bands, I wouldn't take it all so seriously. Security has a tendency of making itself undeniable, it's lessons will be learned one way or another by everybody without exception.

	▲	jasmes 2 days ago \| parent [-]
		AESPA

▲

surajrmal a day ago | parent | prev [-]

It's not that they think zig will avoid the issues, but rather that the cost required to do so is too great, so they would rather have a nicer language with more traditional ways to catch those bugs. If things like memory tagging continue to take off, hardware will catch these issues anyways. I don't personally agree but they are allowed to have their opinions.

More than memory safety, I do think thread safety is a bigger challenge I'd love more modern languages to tackle.

	▲	Jweb_Guru 10 hours ago \| parent [-]
		People are allowed to have whatever opinions they want, sure. I've seen numerous advocates of Zig defend the idea that "in practice" it is about as memory safe as Rust, something that's clearly not true. That's the part I find weird, not that people enjoy using unsafe languages.