Posted on

Our newsletter offers the latest updates, best practices, and community insights. From new guidelines on Cargo.lock files to optimized compile times.

Hello, Rust Enthusiasts!

Welcome to another enriching edition of Rust Trends, your biweekly compass for navigating the ever-evolving Rust ecosystem. As Rust continues to solidify its position in the world of programming, we are here to keep you updated on the latest developments, best practices, and community dialogues.

In this issue, we delve deep into the much-discussed change in Rust's guidance on committing Cargo.lock files — a shift that reflects the language's growing maturity and diverse user base. We also bring you insights on how Rust compile times are optimized, a topic that resonates with every Rustacean out there.

Whether you are a seasoned developer or a newcomer eager to explore, we have curated content that caters to all levels of expertise. So, fasten your seat belts as we embark on another exciting journey through the Rust universe!

Let's get started!

Updated Best Practices for Committing Cargo.lock Files

Cargo.lock file

The Rust Cargo team has updated its guidance on committing Cargo.lock files. Previously, the team advised committing this file for packages with binaries but not for libraries. The new recommendation is more flexible, suggesting that developers should do what is best for their individual projects. This change is aimed at accommodating the evolving needs of the Rust community, especially as the language gains mainstream adoption. The cargo new command will also no longer ignore Cargo.lock for libraries starting from nightly-2023-08-24. The team emphasizes the importance of regular testing against the latest dependencies, regardless of whether the Cargo.lock file is committed.

The update addresses several issues:

  • Background: The old guidelines helped maintain high quality in Rust's package ecosystem but also had downsides like making it harder to bisect code history.
  • Why the Change: Rust's growing mainstream adoption and the need for a better onboarding experience for new developers have necessitated this change.
  • Wider Ecosystem: Advances in CI and tools like Dependabot have provided alternative ways to manage dependencies, making the old guidance less relevant.

For more details and to provide feedback, you can read the full blog post on the Rust Blog and the updated Cargo Book

Speeding Up Rust Compile Times: Insights from August 2023

Rust compiler

The Rust programming language is known for its focus on safety and performance, but compile times can sometimes be a bottleneck for developers. Nicholas Nethercote, a contributor to the Rust compiler, recently published an article detailing various improvements made to speed up the Rust compiler as of August 2023. Here's a summary of key takeaways to help you speed up your Rust compile times.

Hash Algorithm Update for Incremental Compilation In the realm of incremental compilation, a notable enhancement was introduced through pull request #107925. This update modified the hashing algorithm responsible for detecting changes in code fragments. Specifically, the algorithm was transitioned from SipHash-2-4 to SipHash-1-3. As a result, the average wall-time for compilation was reduced by 1.63%. This optimization is particularly beneficial for incremental builds, where the hash function plays a crucial role in identifying code changes that require recompilation.

LLVM Version Upgrades Boost Rust Compiler Efficiency The Low-Level Virtual Machine (LLVM) plays a pivotal role in the Rust compiler's back-end, handling tasks like code optimization and generation. Two separate pull requests (#109474 and an update to LLVM 17) were responsible for upgrading the LLVM version used by the Rust compiler. These upgrades led to a reduction in average wall-time by 1.19% and 1.91%, respectively. The enhancements are attributed to both the increased efficiency of LLVM itself and the superior quality of the code it produces.

Streamlining Code Checks for Faster Compilation Lints in Rust are essentially code checks that help identify issues like syntax errors or potential bugs. A specific update, made through pull request #113734, optimized the way these code checks (lints) are executed. This led to a 1.05% reduction in the average time it takes to compile a project. Just like some of the other updates, this one also particularly benefits incremental builds, where only parts of the code that have changed are recompiled.

Enhancements in Codegen Units and Parallelization The Rust compiler has been fine-tuned to better utilize parallelization, particularly in its back-end operations. A minimum size for Codegen Units (CGUs) has been introduced in non-incremental builds. This change helps in reducing both peak memory (up to 19%) usage and the size of the compiled binary. However, the author points out that perfecting this aspect is challenging, given the multiple metrics that sometimes conflict with each other.

Final Thoughts While the improvements may seem incremental, they add up over time and contribute to a more efficient compilation process. The article also touches on other areas like runtime benchmarking and future improvements, making it a comprehensive read for anyone interested in Rust compiler performance.

Navigating the Serde Controversy: A Lesson in Community Trust and Security for Rust Developers

Serde serialization

What Happened: The Serde project, a popular serialization library in Rust, faced backlash from the community for shipping precompiled binaries. The issue arose when the project's maintainers decided to include precompiled binaries in the package, which is against the norms of the Rust ecosystem. The binaries were intended to speed up the build process, but they raised concerns about security and trust within the community. The situation led to a heated debate, with some developers even considering forking the project (source: BleepingComputer).

How It Was Recovered: The Serde project took immediate action to address the concerns raised by the community. An issue was opened on GitHub to discuss the matter transparently. They acknowledged the community's concerns and decided to revert the changes that included precompiled binaries. The issue was marked as resolved, and the project moved forward with its regular development cycle, ensuring to maintain the trust and security standards expected in the Rust ecosystem (GitHub Issue #2538)

The proposed forking by some community members would have been a poor outcome, leading to fragmentation and potential confusion. Personally, I am very pleased with how the situation was handled and resolved, reinforcing the importance of community trust and collaboration.

This incident serves as a lesson for the Rust community about the importance of maintaining trust and security while making changes that could potentially affect many projects.

Release Note: Serde release v1.0.184: Restore from-source serde_derive build on all platforms - eventually we'd like to use a first-class precompiled macro if such a thing becomes supported by cargo / crates.io

Snippets


We are thrilled to have you as part of our growing community of Rust enthusiasts! If you found value in this newsletter, don't keep it to yourself — share it with your network and let's grow the Rust community together.

👉 Take Action Now:

  • Share: Forward this email to share this newsletter with your colleagues and friends.

  • Engage: Have thoughts or questions? Reply to this email.

  • Subscribe: Not a subscriber yet? Click here to never miss an update from Rust Trends.

🔗 Stay Connected:

Feel free to connect with our editor, Bob Peters, on LinkedIn for more Rust insights and updates.