|
|
Subscribe / Log in / New account

Should C++ be deprecated?

Should C++ be deprecated?

Posted Oct 16, 2025 18:56 UTC (Thu) by LtWorf (subscriber, #124958)
In reply to: Should C++ be deprecated? by taladar
Parent article: Comparing Rust to Carbon

The xz thing happened on a rather small dependency. The weekly disaster that happens on npm/pypi are usually on tiny things.

Do you have other examples?

to post comments

Should C++ be deprecated?

Posted Oct 17, 2025 8:29 UTC (Fri) by taladar (subscriber, #68407) [Link] (2 responses)

Do languages with large dependencies even have the tooling to find these?

The era of these kinds of supply chain attacks is only a few years old

I know e.g. Daniel Stenberg regularly talks in his blog about bugs that have been in the curl code base for a decade or more and that is a medium sized code base with relatively strict testing and oversight so I wouldn't be surprised if a vulnerability smuggled into something the size of Qt, LLVM or Chromium Embedded Framework with corners that haven't seen updates in years will only be discovered by 2040 by accident.

Should C++ be deprecated?

Posted Oct 17, 2025 8:43 UTC (Fri) by LtWorf (subscriber, #124958) [Link] (1 responses)

We're talking about supply chain attacks, not bugs. Do you have relevant examples or not?

Should C++ be deprecated?

Posted Oct 17, 2025 12:15 UTC (Fri) by taladar (subscriber, #68407) [Link]

My entire point is that nobody looks at those code bases so we simply don't know. Meanwhile the languages with small dependencies actually develop tooling to make those problems visible.


Copyright © 2025, Eklektix, Inc.
Comments and public postings are copyrighted by their creators.
Linux is a registered trademark of Linus Torvalds