- cross-posted to:
- technews@radiation.party
- cross-posted to:
- technews@radiation.party
Any advance in the Ferrocene project are great news. I’m really happy to see Rust make progress in critical areas.
Is (or will) Ferrocene be open source?
… exclusive early access to Ferrocene releases …
exclusiveThis phrase look suspicious, as “open source” and “exclusive” typically does not mix well.
Will it be a special version of rustc with private bugfixes, like in ~“we have fixed 19 bugs in rustc that can lead to miscompilations in your missing-critical program, so you better pay us for better private rustc instead of using buggy upstream version”~?
Or will publicly available source code be exactly the same as in certified version of the compiler, with the difference only being the legal warranties?
Or will it follow something like grsecurity model, i.e. technically open source, but please do not distribute (lest lose the subscription).
One of the founders of Ferrous Systems has answered some questions about it on Hacker News. See here and here.
The spec they created for the certification process is open source. There is some “tiny” amount of the patches that aren’t public but it sounds like it is essentially a recent stable release of Rust because the other major changes have been contributed upstream. It’s not clear if they definitely plan to eventually release the rest of thier changes as open source or not but they will consider it.
Well, Rust is MIT + Apache 2.0, so they can do this. It isn’t copyleft.
Personally I consider it a a shame that rust and it’s ecosystem isn’t at least weakly copyleft (e.g. LGPL or MPL) though there are some good reasons not to use those specifically. (LGPL isn’t not well defined if you don’t use dynamic linking, MPL is younger than rust, but would have been an excellent fit otherwise). And the ecosystem follows the leader for the most part.
But that is neither here nor there, and I’m not interested in arguing about licenses on the Internet. :)