• 7 Posts
  • 55 Comments
Joined 2 years ago
cake
Cake day: April 27th, 2023

help-circle
  • I don’t think it’s a dumb question.

    Unfortunately I’m not sure there’s any guaranteed method to establish trustworthiness. It’s especially difficult because if there was, it would probably be easy for the scams to utilise and thus it would stop being a good method.

    Anyways, I would say try to look at the people behind the software - do they have personal websites or do they work on other stuff that also seems reliable? What about the users, do they seem legitimate? Are the issues actual issues, not fake ones? Does the code seem maintained on a regular basis with non-trivial commits? Can you find online third party mentions that seem trustworthy?

    That’s just what I could think of. But essentially, there is no silver bullet and you’ll just need to make a thorough assessment and decide if you trust it enough.









  • Can’t you just use try/catch blocks

    No, because what if whatever you’re calling is updated and suddenly it throws a new exception where before it didn’t? Python or JavaScript or other interpreted languages will never warn you about that.

    if the data structure of whatever you’re working with isn’t what you expected?

    That sounds like a whole lot of boilerplate I have to write to verify every time that something is what I expect. Static typing does that for me much easier and more reliably.

    Some languages like Rust have so good type systems that often when a program compiles, it just works. You don’t have to run the code to know that it functions if you only make a small change.

    What kind of systems have you worked in? In small systems, the static analysis doesn’t matter as much, but the benefits become bigger and bigger the more code there is to analyze.


  • Think about it: if you don’t need a compiler and the hundreds of dependencies that will eventually break things will last way more time.

    You can have hundreds of dependencies whether you use a compiled or interpreted language, that really has nothing to do with that.

    Also compilation has lots of benefits, including being able to do lots of static analysis to find bugs. I definitely don’t agree that we should move away from compilation in general or WebAssembly specifically. WebAssembly doesn’t have to be only used for low level stuff, you can write your code in a high level language and compile to WebAssembly just fine.