Author: Chris Angelico
Created at: 2025-11-18 19:59
Number: 118
Clean content: William Woodruff: Conversely: do you moderate your trust in CPython based on the presence of unstandardized, compiler-specific extensions? The last time I checked, there were a nontrivial number of GCC extensions and attributes in the codebase (other compilers go to great efforts to be compatible with these, but they’re not standard). I would, but the moderation in question is relatively slight. There are two levels of trust: “Do I believe this isn’t malicious?” and “Do I believe that this is able to do what it promises?”. The compiler-specific extensions don’t significantly affect the first one (any sort of malicious implication has to be incredibly convoluted, like “the CPython devs are trying to force people to use GCC because they are trying to boost Richard Stallman’s fame and try to get him into the Guinness Book of Records” - or something equally ridiculous), though they do have an impact on the second (“in the event of a problem, do we have true options here?”). So, yes, it does impact trust, but not all THAT much. Non-standard/compiler-specific features, to me, recall the days of IE-specific features in web sites, which had the much-less-convoluted justification “Microsoft wants everyone to use IE so they have to buy Windows”. But the trust impact depends on how viable the threat is.
