Dirkjan Ochtman
@djc.ochtman.nl
Fan of Rust, open source maintainer. Please consider sponsoring my OSS work on GitHub.
Is there ever a legit use case for `const FOO: AtomicU8: ..`? If not, can we please promote `clippy::declare_interior_mutable_const` to a compiler lint?
November 11, 2025 at 1:25 PM
Is there ever a legit use case for `const FOO: AtomicU8: ..`? If not, can we please promote `clippy::declare_interior_mutable_const` to a compiler lint?
Hot take: don’t make callback APIs in Rust. Minimize Fn arguments; guard types are almost always a better solution (except in very simple/generic map() combinators).
November 6, 2025 at 5:14 PM
Hot take: don’t make callback APIs in Rust. Minimize Fn arguments; guard types are almost always a better solution (except in very simple/generic map() combinators).
Second time I heard this pitch this week. The problem is that (well-maintained) dependencies take care of the issues you haven’t thought of yet. There is some cost to having dependencies and making sure the dependency graph doesn’t grow too much takes work, but codegen doesn’t seem a great option.
What if, instead of adding dependencies for most things, we used large language models to generate code instead?
nrempel.com/smaller-sur...
nrempel.com/smaller-sur...
Smaller Surfaces
Modern dependency graphs feel like thickets. Agents make it practical to generate narrow helpers, keep the runtime surface small, and verify the results with the tools you already trust. This essay looks at how to use generation over integration without slipping into wheel reinvention or fragile bespoke stacks.
nrempel.com
November 1, 2025 at 6:25 PM
Second time I heard this pitch this week. The problem is that (well-maintained) dependencies take care of the issues you haven’t thought of yet. There is some cost to having dependencies and making sure the dependency graph doesn’t grow too much takes work, but codegen doesn’t seem a great option.
deepSURF: Detecting Memory Safety Vulnerabilities in Rust Through Fuzzing LLM-Augmented Harnesses
arxiv.org/abs/2506.15648
arxiv.org/abs/2506.15648
deepSURF: Detecting Memory Safety Vulnerabilities in Rust Through Fuzzing LLM-Augmented Harnesses
Although Rust ensures memory safety by default, it also permits the use of unsafe code, which can introduce memory safety vulnerabilities if misused. Unfortunately, existing tools for detecting memory...
arxiv.org
October 31, 2025 at 10:48 PM
deepSURF: Detecting Memory Safety Vulnerabilities in Rust Through Fuzzing LLM-Augmented Harnesses
arxiv.org/abs/2506.15648
arxiv.org/abs/2506.15648
Dutch folks: nerdvote.nl!
NerdVote.NL
Ondersteuning voor en informatie over alle kandidaat-kamerleden met en warm hart voor onze privacy en eigen IT-vaardigheden.
nerdvote.nl
October 29, 2025 at 8:09 AM
Dutch folks: nerdvote.nl!
Reposted by Dirkjan Ochtman
Please don't write your commit messages or PR descriptions with AI. If you didn't bother writing it I'm not sure I can be bothered reading it.
October 28, 2025 at 1:20 PM
Please don't write your commit messages or PR descriptions with AI. If you didn't bother writing it I'm not sure I can be bothered reading it.
Hot take: closures (above a certain fairly low complexity level) kinda suck and elaborating them into an explicit struct with an explicit method usually makes code easier to read. (More so in async world.) Instead, work on reducing the need (over guards), like partial borrowing?
New rust-lang blog post on explicit capture clauses, continuing to document thoughts about ergonomic ref-counting:
smallcultfollowing.com/babysteps/bl...
smallcultfollowing.com/babysteps/bl...
Explicit capture clauses · baby steps
smallcultfollowing.com
October 23, 2025 at 6:14 AM
Hot take: closures (above a certain fairly low complexity level) kinda suck and elaborating them into an explicit struct with an explicit method usually makes code easier to read. (More so in async world.) Instead, work on reducing the need (over guards), like partial borrowing?
This is going to be cool.
New #rust blog post on how we could get types that cannot be forgotten, types that must be moved, async and const drop, and other fun stuff:
smallcultfollowing.com/babysteps/bl...
smallcultfollowing.com/babysteps/bl...
Move, Destruct, Leak, and Rust · baby steps
smallcultfollowing.com
October 22, 2025 at 6:14 AM
This is going to be cool.
RustSec advisories for TARmaggedon are coming soon (probably tomorrow).
October 21, 2025 at 8:31 PM
RustSec advisories for TARmaggedon are coming soon (probably tomorrow).
Reposted by Dirkjan Ochtman
WTF. 🤯
Postman's server's are down and you can't even use desktop app with your local APIs!
This is exactly why I made yaak.app. It works offline, is open source, has no telemetry, no VC funding, and even syncs with Git!
Give it a try and let me know what you think ✨
Postman's server's are down and you can't even use desktop app with your local APIs!
This is exactly why I made yaak.app. It works offline, is open source, has no telemetry, no VC funding, and even syncs with Git!
Give it a try and let me know what you think ✨
October 20, 2025 at 4:43 PM
WTF. 🤯
Postman's server's are down and you can't even use desktop app with your local APIs!
This is exactly why I made yaak.app. It works offline, is open source, has no telemetry, no VC funding, and even syncs with Git!
Give it a try and let me know what you think ✨
Postman's server's are down and you can't even use desktop app with your local APIs!
This is exactly why I made yaak.app. It works offline, is open source, has no telemetry, no VC funding, and even syncs with Git!
Give it a try and let me know what you think ✨
Reposted by Dirkjan Ochtman
It's been 14 months since the ML-KEM spec was published.
age still isn't PQ because it's waiting for trivial details of the HPKE hybrids to stabilize, but they are blocked on the CFRG.
The TLS, SSHM, and LAMPS (X.509) IETF WGs are not waiting for CFRG. I just posted a plea for HPKE to do the same.
age still isn't PQ because it's waiting for trivial details of the HPKE hybrids to stabilize, but they are blocked on the CFRG.
The TLS, SSHM, and LAMPS (X.509) IETF WGs are not waiting for CFRG. I just posted a plea for HPKE to do the same.
[hpke] Let's ship post-quantum HPKE
Search IETF mail list archives
mailarchive.ietf.org
October 16, 2025 at 3:11 PM
It's been 14 months since the ML-KEM spec was published.
age still isn't PQ because it's waiting for trivial details of the HPKE hybrids to stabilize, but they are blocked on the CFRG.
The TLS, SSHM, and LAMPS (X.509) IETF WGs are not waiting for CFRG. I just posted a plea for HPKE to do the same.
age still isn't PQ because it's waiting for trivial details of the HPKE hybrids to stabilize, but they are blocked on the CFRG.
The TLS, SSHM, and LAMPS (X.509) IETF WGs are not waiting for CFRG. I just posted a plea for HPKE to do the same.
Reposted by Dirkjan Ochtman
We're excited to announce a new initiative to support the Rust Project, our Rust Maintainers Fund!
We are setting out to employ 6 full-time maintainers and 6 interns in 2026 to make sure #rustlang is well maintained and bugs and contributions get the attention they need.
Read more: rustnl.org/fund
We are setting out to employ 6 full-time maintainers and 6 interns in 2026 to make sure #rustlang is well maintained and bugs and contributions get the attention they need.
Read more: rustnl.org/fund
October 14, 2025 at 3:11 PM
We're excited to announce a new initiative to support the Rust Project, our Rust Maintainers Fund!
We are setting out to employ 6 full-time maintainers and 6 interns in 2026 to make sure #rustlang is well maintained and bugs and contributions get the attention they need.
Read more: rustnl.org/fund
We are setting out to employ 6 full-time maintainers and 6 interns in 2026 to make sure #rustlang is well maintained and bugs and contributions get the attention they need.
Read more: rustnl.org/fund
TFW when someone asks you to "resolve compilation errors" in their post-quantum VPN implementation and it's 4k lines of slop.
October 14, 2025 at 4:40 PM
TFW when someone asks you to "resolve compilation errors" in their post-quantum VPN implementation and it's 4k lines of slop.
Reposted by Dirkjan Ochtman
Igalia is excited to announce a new commission from the Sovereign Tech Fund to advance the Servo web engine.
www.igalia.com/2025/10/09/I...
www.igalia.com/2025/10/09/I...
Igalia, Servo, and the Sovereign Tech Fund | Igalia
Igalia is an open source consultancy specialised in the development of innovative projects and solutions. Our engineers have expertise in a wide range of technological areas, including browsers and cl...
www.igalia.com
October 10, 2025 at 11:33 AM
Igalia is excited to announce a new commission from the Sovereign Tech Fund to advance the Servo web engine.
www.igalia.com/2025/10/09/I...
www.igalia.com/2025/10/09/I...
Reposted by Dirkjan Ochtman
"[Ars Technica] asked Cruz's office to explain why a senator pressuring Wikipedia is appropriate while an FCC chair pressuring ABC is not and will update this article if we get a response."
arstechnica.com/tech-policy/...
arstechnica.com/tech-policy/...
Ted Cruz picks a fight with Wikipedia, accusing platform of left-wing bias
Cruz sends letter demanding answers from Wikimedia Foundation.
arstechnica.com
October 7, 2025 at 7:09 PM
"[Ars Technica] asked Cruz's office to explain why a senator pressuring Wikipedia is appropriate while an FCC chair pressuring ABC is not and will update this article if we get a response."
arstechnica.com/tech-policy/...
arstechnica.com/tech-policy/...
And then there's the prominent Rust maintainer who doesn't want their default branches renamed to main.
October 2, 2025 at 2:45 PM
And then there's the prominent Rust maintainer who doesn't want their default branches renamed to main.
I wrote another blog post for the Prossimo blog about how we improve the unhappy path for rustls users:
www.memorysafety.org/blog/rustls-...
www.memorysafety.org/blog/rustls-...
Improving Error Handling in Rustls
Dirkjan Ochtman is a maintainer of the Rustls TLS library that we've invested in since 2021. While he and the other maintainers have made many improvements and landed important features, we've asked D...
www.memorysafety.org
October 1, 2025 at 3:47 PM
I wrote another blog post for the Prossimo blog about how we improve the unhappy path for rustls users:
www.memorysafety.org/blog/rustls-...
www.memorysafety.org/blog/rustls-...
GitHub Actions badly needs some competition, it seems to be getting worse all the time. There's been several days in recent weeks where I had to spent more than an hour per day babysitting failing Actions. Or maybe they just don't like Europe enough to have some CET SRE?
October 1, 2025 at 2:57 PM
GitHub Actions badly needs some competition, it seems to be getting worse all the time. There's been several days in recent weeks where I had to spent more than an hour per day babysitting failing Actions. Or maybe they just don't like Europe enough to have some CET SRE?
Reposted by Dirkjan Ochtman
Maintaining #Rustls isn’t just code — it’s choices. Dirkjan shared how OSS maintainers balance safety vs. niche flexibility and why API instability or incompatibility can ripple across the ecosystem. Full story at netstack.fm/#episode-7
Netstack.FM — A Podcast About Networking and Rust
Interviews, monologues, and deep dives into Rust and modern networking systems.
netstack.fm
September 30, 2025 at 1:34 PM
Maintaining #Rustls isn’t just code — it’s choices. Dirkjan shared how OSS maintainers balance safety vs. niche flexibility and why API instability or incompatibility can ripple across the ecosystem. Full story at netstack.fm/#episode-7
You know you’re an OSS maintainer when the principal engineer at a large US company messages you on LinkedIn to “ask for your thoughts on the design of” $feature.
(The GitHub issues are right there, as is the Discord chat link.) (Of course this large company is not sponsoring your work.)
(The GitHub issues are right there, as is the Discord chat link.) (Of course this large company is not sponsoring your work.)
September 16, 2025 at 7:38 AM
You know you’re an OSS maintainer when the principal engineer at a large US company messages you on LinkedIn to “ask for your thoughts on the design of” $feature.
(The GitHub issues are right there, as is the Discord chat link.) (Of course this large company is not sponsoring your work.)
(The GitHub issues are right there, as is the Discord chat link.) (Of course this large company is not sponsoring your work.)
Reposted by Dirkjan Ochtman
We have a little blog post about this rustls.dev/blog/2025-09...
September 3, 2025 at 4:51 PM
We have a little blog post about this rustls.dev/blog/2025-09...
Reposted by Dirkjan Ochtman
LIVE at #rustconf: The Rust Foundation has launched its new "Rust Innovation Lab" with Rustls, a leading TLS library, as the inaugural hosted project!
The RIL provides comprehensive support for funded OSS projects, ensuring sustainable & community-led growth. rustfoundation.org/media/rust-f...
The RIL provides comprehensive support for funded OSS projects, ensuring sustainable & community-led growth. rustfoundation.org/media/rust-f...
September 3, 2025 at 4:14 PM
LIVE at #rustconf: The Rust Foundation has launched its new "Rust Innovation Lab" with Rustls, a leading TLS library, as the inaugural hosted project!
The RIL provides comprehensive support for funded OSS projects, ensuring sustainable & community-led growth. rustfoundation.org/media/rust-f...
The RIL provides comprehensive support for funded OSS projects, ensuring sustainable & community-led growth. rustfoundation.org/media/rust-f...
Using Python code in your Rust test suite is inevitably tech debt.
August 29, 2025 at 3:51 PM
Using Python code in your Rust test suite is inevitably tech debt.