Daily Shaarli

All links of one day in a single page.

April 13, 2026

Obsidian - Take your notes without depending on anyone - Korben

A review of the software by Korben

No one owes you supply-chain security | purplesyringa's blog

Typo-squatting: using URLs is a false solution. "By making crate IDs longer, whether by namespacing within crates.io, GitHub organizations, or via domains, you only make it harder for users to remember them precisely, and thus harder to recognize typo-squatting."

Sandboxing cannot be handled by the language itself.

It's the developer's responsibility to use crates on crates.io. It's an audit to make. Rust provides tools for it: cargo-vet, the crates.io 90-day download plot, cargo chef or Nix for build isolation.

Also Rust itself does not have the resources for it at the moment. They simply can't. The compiler and std are primarily developed by volunteers, who don’t get anything out of it except for rare donations from other members of the community. The Rust project is not the same as GitHub or Linux. They don't have the same support.

We’re not nearly close to the level of security a centralized registry can provide. On the software side, in 2025 Rust teams made or piloted tools for typo squatting detection, dynamic build script analysis, and real-time code scanning. On the personal side, Rust Foundation hired on-call engineers in 2025 and a second infrastructure engineer in 2026. If that sounds overdue, well, they had net loss in 2023 – software isn’t cheap.

SVG to CSS Shape Converter

The Business Case for Vanilla JS

I came to this way of thinking by sheer accident. I was traditionally a desktop business app developer, and by the time I saw the writing on the wall, SPA frameworks were the dominant meta in front end. As I started getting contracts, I worked on one project with such a tight deadline that I simply had no time to bring a critical library into the cinematic React universe. So I just... wrote JS. I modified the DOM. And you know what? It was fine. Not only was it fine, it was easier. I wrote a little stream object in ~50 LoC to react to user inputs, and it worked flawlessly. I felt lied to. I thought making a web page interactive was an insanely difficult task only SPA framework authors were qualified to do? Yet here I was just... scripting the page.

The only case for using a framework is project maintainability, as I've found so far.

Active kernel releases

The major version number is incremented when the number after the dot starts looking "too big." There is literally no other reason.

How I Discover New Blogs - Kev Quirk

It completes my post "Where to find blogs to follow?".

  1. Personal recommendations

  2. Aggregations

  3. Social media

Many people on the fediverse have blogs and share common interests with hashtags. Hashtags can be followed to get content, by the way.

Plans "with no minimum term": SFR fined 10 million euros - Next

Linux_7.0 - Linux Kernel Newbies

Summary of the changes in the kernel 7.0

GitHub - Achno/gowall: A tool to convert a Wallpaper's color scheme / palette, OCR with VLM's Traditional & Hybrid, Image Compression, color palette extraction, image upscaling with Adversarial Networks and more image processing features. · GitHub

Gowall started as a tool to convert an image (specifically a wallpaper) to any color-scheme / palette you like! It has now evolved to a swiss army knife of image processing offering (OCR, image upscaling, image compression and a lot more)