This is a follow-up to Jon’s original post on Carefully (but purposefully) oxidising Ubuntu and Julian’s migration spec for 25.10. We promised transparency throughout this process, and this post is written in that spirit. What happened after the announcement Following the decision to adopt rust-coreutils, we got to work. Any package shipped by default in Ubuntu must be promoted to Ubuntu Main, which requires passing a thorough security review. We quickly assembled an internal team spanning Ubun...
Even if a decent number of the vulnerabilities closed by mit/rust coreutils are not exploitable or would require an insane chain, distros untouched by the perverse incentives of rust will eventually adopt them based solely on the number of closed bugs alone.
We are headed for the ibm/unix past of open source because the multipolar world we are headed towards mirrors the conditions of that past.
The tools of that transition happen to be rust/junior devs/ai, but if different tools were available that would generally reach those ends they would be in use instead.
🖕x 200 then
Any distro that packages this should package a libre version with GPL.
Eventually that option will go away.
Even if a decent number of the vulnerabilities closed by mit/rust coreutils are not exploitable or would require an insane chain, distros untouched by the perverse incentives of rust will eventually adopt them based solely on the number of closed bugs alone.
We are headed for the ibm/unix past of open source because the multipolar world we are headed towards mirrors the conditions of that past.
The tools of that transition happen to be rust/junior devs/ai, but if different tools were available that would generally reach those ends they would be in use instead.