
> Andrew has already stated publicly that Zig should not be used in production until v1 due to security vulnerabilities in the standard lib.

Andrew made the claim a couple of years ago that Zig should not be used in production yet. The part about security is not at all part of anything he ever claimed, and is in fact only something that you went crazy about on your own.

See: https://news.ycombinator.com/item?id=34669045

While I can understand holding real hard onto your opinion, please don't put words in people's mouths, especially when the person in question does not share your position on the matter at all.




Please don't cross into personal attack. You can make your substantive points without any of that.

https://news.ycombinator.com/newsguidelines.html


Aren't both these things true?

- he says it shouldn't be used in prod

- he acknowledges there are potential security flaws that should be revisited before 1.0 (https://github.com/ziglang/zig/pull/4929)

I just feel like there is a lot of hair splitting here.


[flagged]


Please see https://news.ycombinator.com/item?id=37266251 above and please stop posting about this to HN. It's not what this site is for, and destroys what it is for.

You said you didn't want to bring it up again (https://news.ycombinator.com/item?id=34675866). Please don't.


As an outside observer without any connection to any of these projects I'd recommend that you step back from posting strongly held negative opinions and reflect on your biases and assumptions here. It sounds like you are unreasonably disgruntled against zig and derailing tangentially related threads, then claiming unwarranted victimhood.

We are talking about two projects (zig and bun), likely years before 1.0, and you complain they're not perfect, or improving on your timeline. Projects improve security and quality by increasing adoption and thus human resources available for auditing and fixes. You seem to be advocating against adoption, or presuming current users are uninformed about the project's status.

My hobbyist-level interactions with the zig community indicated nothing but calm professionalism and enthusiasm for quality software.


> We are talking about two projects (zig and bun), likely years before 1.0

This is tangential to your main point, but the post we're commenting on says this:

> Bun 1.0 is coming on September 7th!


As another outsider, I think junon's comments are valid and could easily be addressed by the Zig project. Who are you to tell them to stop posting?


I find it rather odd that junon's constantly bringing up this security issue for the past 6+ months in all threads that are even in the same neighborhood as Zig, acknowledges that maybe his conversations should go private enough that he asks Dang to anonymize his past public comments so they aren't associated with him.... Just to repeatedly do it again.

Are we going to come back to this thread in a month and see all these comments of his anonymized too?

I have no dog in this fight as I don't use Bun or Zig nor do I plan on it, but from another outsider's perspective, he definitely seems to have a grudge against Zig and Andrew and is trying to play victim over it.


Please observe that in my post I only recommend reflection, and describe how their communication sounds to me. Seems like I'm not the only one. I am specifically trying to avoid the overtly adversarial language of telling someone off, or telling them what to think or do, so please don't ascribe that unnecessarily.


Dude. It’s really odd behaviour of a person to have their pull request rejected, so they respond by going in to every single hn post related to zig and posting major exaggeration.

Your pull request was rejected because it wasn’t the direction the language wanted to go.

You keep saying that zig people don’t wish to reconcile privately, but looking at your posts, it’s clear why they’ve stopped engaging with you.


> Yes you and Andrew seem to have a vendetta against me on HN

Two years ago you found a utf8 decoding function in the stdlib that asserted in its documentation that it expects valid utf8. You then went on a Zig community on Discord and started saying that it's a vulnerability because if you feed it invalid utf8, the function will not work correctly. People told you that, well, that's part of the function contract, but you didn't want to hear it and went to post everywhere that Zig doesn't take security seriously (actual quote from you). People also tried to explain to you that a function that does validate the encoding would be welcome, but that since Zig was a new programming language, we didn't have one yet and that for now that's what the stdlib offered (i.e. the function that expects valid utf8). In the meantime somebody else did implement the better API but, two years later, you're still here fixated on that same thing.

https://news.ycombinator.com/item?id=24837842

> Just strange the Zig team refuses to reconcile this privately and instead resorts to berating me on HN of all places.

From my perspective the best outcome would be that you somehow realize how silly this entire thing is and finally let go. For more complex situations I could understand having an "agree to disagree" conclusion, but given the incredibly ridiculous nature of this specific issue I don't think there's much more for anybody else to learn.

If the above can't happen then I would ask you simply to stop posting misinformation about Zig.



