If only a reason were given. This is the original:
> Rust is a security nightmare. We'd need to add over 130 packages to main for sequoia, and then we'd need to rebuild them all each time one of them needs a security update.
What has changed? Why is 130 packages for a crypto application acceptable?
That's not a Rust problem, that's a sequoia problem.
As for why, probably the same reason the dependency tree for gnupg (generate with `debtree -R -b gnupg` but grepping out all the gcc/mingw dependencies) looks like this: https://static.jeroenhd.nl/hn/gnupg.svg There's probably a good reason why I need libjpeg62, libusb-1.0-0-dev, and libgmp3 to compile gnupg, though they're hidden away from the usual developer docs in the form of transitive dependencies; complex software just tends to include external dependencies rather than reinventing the wheel.
Is it? Rust, or rather its online acolytes, deems a simple linked list "too complicated" for mere mortals, and routinely tells people "just" to use a crate that does it for you.
To me, this sounds like "leftpad" but for CS1 data structures.
Probably because 120 (*) have been added in the intervening 4 years.
(*) random number