Author: Stephan Sokolow
Created at: 2025-11-18 18:55
Number: 116
Clean content: thesamesam: Use of unstable features in crates is more common than I’d like it to be still, and the promise does not apply to that. CPython should avoid any use of them. Fair point. I haven’t used nightly for anything but the occasional nightly-only tool run (eg. Miri) in at least five years, but then I don’t do kernelspace stuff and using Rust for microcontroller hobby programming is still on my TODO list. My experience has been that there isn’t much call for nightly for cargo build -ing userspace projects anymore. thesamesam: That option would require some work besides git clone which may not be desirable. It does bring up the general question of whether CPython would want to aggressively use crates (which can bring licence questions too) or not. CPython currently has a pretty small set of external dependencies. I’d imagine cargo vendor would probably be a better fit for that. Beyond that, cargo-deny is good for enforcing policy on dependencies (licenses, security advisories, etc.) and cargo-supply-chain helps to automate the process of inspecting who you’re trusting, independent of how many pieces they decided to split their project into.
