On the other hand, if the same problem keeps happening, it's hard to argue that the problem isn't foundational to the design and that it should be called out until either the problem is fixed or the design abandoned.

Why should they stop? Maybe they want to rehash the issue that's not being adequately addressed. Maybe it's not supposed to be funny.

How do you propose we address this issue? Instead of policing what people say, are you interested in sharing your or someone else ideas?

It's not that there isn't a conversation to be had. It's that it's a low-effort, karma farming, reddit-tier comment that always invites emotional/reactionary responses, typically the same ones as before, that usually shoots to the top of the comments section and drowns out any relevant or interesting (see: curious, as per HN guidelines) discussion.

Opponents of gun control surely feel the same way about the Onion’s story.

Maybe the authors are here to answer this.

The syntax is of course very Rusty, which is cool. However, a sort of obvious question comes to mind - what is the benefit of this over just writing rust, then? Just because the compile times are shorter?

EDIT: should mention I understand why embedded scripting languages exist, having embedded Lua many times. And I love a lot of these features, but to me having an embedded scripting language should simplify the language/API surface area instead of mirroring it almost 1:1. That's what I'm a bit undersold on.

I'm author of a rust based task manager (not (yet) FLOSS, unfortunately), where we needed "pluggable task sources" (jira, github, trello, etc).

In our setup, the "sources" are more like configuration. Whereas the core, the business logic, is more like code.

Typically, one would configure with e.g. YAML. As we can see in many projects, that have a DSL, in yaml (k9s, GitHub actions, ansible, etc). But, rather than inventing another DSL in yaml, we realized we do need some logic, something very poorly expressed in yaml. And we went for Lua.

Long story to say: if your config typically has some logic in it, it makes sense to go for an embedded scripting language to provide it, rather than building it into the core domain, or to invent yet-another-yaml-amalgation (yayamla?)

Same reason why several projects have integrated Lua to their runtime over the past 30 years. Extensibility and hot reloading.

Hot-reloading. You can edit your logic without rebuilding and restarting the host application; this cuts your iteration time from minutes to seconds, especially if the application is in a state that would need to be recreated.

Other commenters have given most of the reasons already, but since you asked specifically for the author, I'll chime in as well.

The fact that Roto gets compiled at the runtime of the Rust application is very important. That means we can ship a binary and still allow scripting.

We also believe that Rust is too complicated for our use case in some respects, we're trying to make something simpler. Our target audience for Rotonda is not people who necessarily know Rust. We can never be as simple as Lua because of the static typing, but we're trying our best.

And finally, we don't have to ship the entire Rust toolchain with our application. Roto is fully embedded into the binary with no external libraries needed and that's quite nice in practice.

Man as a not (yet) greybeard, I wish we had more of them in the teams I've been on in the last ~10 years.

"Most" is a gross exaggeration.

Stop abusing the system with new accounts. You're not cool like that.

> all open-source projects should be forced

That's a great way to kill OSS. This is only bootlicking the idea of corporations profiting off of unpaid labor.

Well something needs to be done urgently, before hospitals and critical infrastructure start getting ransomware infected on a daily basis. This isn't an unlikely scenario either, all it will take is one well resourced attacker to spin up thousands of decensored agents and have them pumping out attacks 24/7. I'm actually kind of surprised it hasn't already happened. TeamPCP is just the beginning. We're lucky they're not using ransomware, otherwise the carnage would be 100-fold.

Then the corporations, medical system, etc needs to help support the people who make OSS software if they want the immediate, urgent change you're suggesting.

Unsurprising. A lot of phishing scams have their first stage servers in NL for some reason. Glad something is being done about it at least.

NL has cheap hosting, strong privacy laws, and providers that are slow to respond to abuse reports. Perfect storm for spammers.

When I'm sitting in the plane that has CAS firmware, I'd like to think it wasn't written by an LLM and that my death in the case of a CAS failure isn't chalked up to "some engineer somewhere gets in trouble".

There probably already is generated code in there, only it was generated from UML. I don’t think that LLM generated code will be treated differently from the point of view of the relevant regulations.

UML conversion is deterministic.

That doesn’t matter. Once the code is generated it doesn’t change. The reviewed artifact in a safety critical codebase is the last abstraction layer before a fully certified compilation pipeline. So usually it’s not the UML but the generated code.