Daily Shaarli
Yesterday - August 27, 2025
Native libraries are hard in Rust; the compiler offers no guarantees about the memory representation of structs; or these structs needs to be FFI-Friendly with unsafe extern "C"
. There is no sandboxing, so a malicious code could promise the machine; or corrupt the memory silently.
Finally, dynamic library plugins are distributed as compiled code.It's easier to hide backdoors in compiled code. It's also harder to share the code than simple scripts.
There are two main ways to embed JavaScript in a Rust program. The first one is with bindings for the lightweight QuickJS engine, such as rquickjs. Take a look at AWS' LLRT (Low Latency Runtime) for an advanced integration of QuickJS in Rust.
Ho, and did I mention that QuickJS is lightweight? Around 210 KiB of code vs around 40 MiB of code for V8, all while being fast enough for most situations.
My vision of programming is to limit ourselves to two programming languages. A very powerful, secure and fast compiled language for the lower levels of the computing stack, Rust, and a less powerful and slower scripting language for high-level scripting and user interfaces, JavaScript.
Another alternative is WASM. The provided code is already compiled; and the author judges the ecosystem too immature.
The last method is the less powerful: expression engine. It allows to specify a language with some rules, even if it is not turing complete and the result always evaluate to an expression.
So to rank them:
- scripting language
- expression engine
- WASM
- at the end native libraries
The language can catch subtle errors for large codebases
Des ressources critiques
https://raindrop.io/guillaume11/ia-tl-dr-55999307
Ainsi que des exemples néfastes:
https://raindrop.io/guillaume11/ia-56132031
Ainsi que des guides, vulgarisations ou réflexions sur le sujet:
https://raindrop.io/guillaume11/comprendre-l-ia-56019219
Fraidycat is an app for Linux, Windows or Mac OS X - but which can be accessed from a local browser or a Tor onion site - and is a tool that can be used to follow folks on a variety of platforms. But rather than showing you a traditional 'inbox' or 'feed' view of all the incoming posts - Fraidycat braces itself against this unbridled firehose! - you are shown an overview of who is active and a brief summary of their activity.
"At too many companies, especially larger ones, there is no real benefit to delivering something that really benefits users. Teams are rewarded for building new features, shipping fast, and delivering the latest trends.
By the time something gets rolled out to users and fails to make a positive impact, the people who led the charge have already been promoted or have moved on to build the next big thing that is absolutely going to be a game changer."
17 apps installed over 19 million times
The whole EU age verification app thing is so exhausting. Yes, the tech specs are public, yes, the wallet app is opensource, yes, it could be done in a worse way.
Yet, it is still the newest attempt to answer the question: "can we tech hard enough to avoid having parents talking to their kids?"
And the answer is still no, you can't.
And why the website is on .dev owned by Google? Why not .eu? https://ageverification.dev/
The information is relayed on different news website:
It was unveiled with a presentation at the DEFCON 2025 https://marektoth.com/blog/dom-based-extension-clickjacking/