So, serde seems to be downloading and running a binary on the system without informing the user and without any user consent. Does anyone have any background information on why this is, and how this is supposed to be a good idea?

dtolnay seems like a smart guy, so I assume there is a reason for this, but it doesn’t feel ok at all.

  • @Mechanize
    link
    3710 months ago

    It seems it was done to marginally improve serde_derive build times? And just on x86_64-unknown-linux-gnu?

    It feels a pretty weird course of action, even if I can understand his point of view his official stance of “My way or the highway” seems a bit stronger than needed, especially considering the amount of problems - both moral and pratical - this modification arises.

    I don’t know. If he really feel so strongly about it the only real option would be an hard fork, but a project of that magnitudo and so integrated in the ecosystem is really not easy to both manage or substitute.

    Overall it kind of leave a sour taste, even if - I repeat - I understand it is his time and his decision to make.

    • @manpacket@lemmyrs.org
      link
      fedilink
      English
      1710 months ago

      It seems it was done to marginally improve serde_derive build times? And just on x86_64-unknown-linux-gnu?

      Indeed. If you use nix instead of compiling in 8 seconds it fails to compile almost instantly.

    • @tatterdemalion@programming.dev
      link
      fedilink
      1310 months ago

      The same feature is planned for Windows and MacOS. https://github.com/serde-rs/serde/pull/2523#pullrequestreview-1583726636

      The build time improvements are so marginal in a production environment where hundreds of crates are built. This decision demonstrates a strange inversion of priorities and smells of premature optimization to me. It’s so odd to see even further optimizations building on this “serde helper process” pattern.