Documentation is generally considered one of the stronger points of rust libraries. Crates.io is not a documentation site you want https://docs.rs/ for that though it is generally linked to on crates.io. A lot of bigger crates also have their own online books for more in depth stuff. It is not that common to find a larger crate with bad documentation.

They refuse to make changes to their C code, so it can cooperate with Rust code via bindings.

I don’t even think the rust devs where asking for that. They are refusing changes by rust devs that help with rust while making the c code clearer and even refuse to answer questions about the semantics behind the c code. At least as far as I can see from the outside.

Can when the specific situations are reached in very micro benchmark situations. But overall on aggregate you find even JIT languages don’t strictly outperform pre compiled languages for general workflows when looking at languages of a similar class. When you compare them to compiled languages like C/C++/rust/zip (aka ones without a GC or much of a runtime at all) then JIT languages fall behind like all other GCed languages.

Of these 25 reasons, most apply to a lot of languages and are far from Java exclusive or even java strong points. Pick any mainstream language and you will hit most of the benefits it lists here. With quite a few being almost meaningless. Like this:

Java/JVM/JIT can achieve runtime optimization on frequently run code, especially on something that’s running as a service so that you avoid the overheads from JVM startup times.

Compiled languages generally don’t need a JIT or to be optimized at runtime as they are compiled and optimized at compile time. And most language that don’t have a runtime like Javas already run faster than Java without its heavy startup time. Language with JITs are generally interpreted languages which have these same benefits as java lists here. Though do often suffer from other performance issues. But really at the end of the day all that really matters is how fast the language is and how good its startup times are. Java is not ahead of the pack in either of these regards and does not do significantly better then other languages in its same class (and often still drastically sucks for startup time).

Or

Much of a company’s framework can be stable Java, with Scala or Clojure-backed business logic.

Many languages you can embed other languages inside. Nothing really special about scala or clojure here except that they work well with java. And I don’t really see this as a major benefit as most places I see dont separate their core code and business logic into different languages.

And the remaining issues that are more java specific are:

Java was one of the first mainstream GC strongly typed OOP languages. So it got its niche.

Java has been one of the main programming languages taught in colleges and universities in the last few decades.

Java’s Legacy Migration: Many banks in particular migrated legacy systems to Java in the early 2000’s when it was getting a lot of popularity and the industry was collectively in the midst of a huge OOP fever dream.

Which all paint a picture - it was popular long ago and taught in universities and lots of business pushed it when back in the day. And now it is hard to move off it.

And lastly:

Oracle

What? How is this a point? If anything this should be a massive negative.

Not exactly 25 reasons to pick java in financial enterprise.

Did you read the article at all?

“Putting all new code aside, fortunately, neither this document nor the U.S. government is calling for an immediate migration from C/C++ to Rust — as but one example,” he said. “CISA’s Secure by Design document recognizes that software maintainers simply cannot migrate their code bases en masse like that.”

Companies have until January 1, 2026, to create memory safety roadmaps.

All they are asking for by that date is a roadmap for dealing with memory safety issues, not rewrite everything.

Or refactored at a later date.

Creating functions is IMO not the first thing you should do. Giving variables better names or naming temporaries/intermediate steps is often all you really need to do to make things clearer. Creating smaller functions tends to be my last resort and I would avoid it when I can as splitting the code up can make things harder to understand as you have to jump around more often.

Comments are not always a waste of time, but comments that repeat or tell you what the code is doing (rather than why) are a waste. For legacy code you generally don’t have comments anyway and the code is hard to read/understand.

But if you can understand the code enough to write a comment you can likely refactor the code to just make it more readable to start with.

For code that does not change generally does not need to be read much so does not need comments to describe what it is doing. And again, if you understand it enough to write a comment to explain what it is doing you can refactor it to be readable to begin with. Even for mathematical equations I would either expect the reader to be able to read them or link to documentation that describes what it is in much more detail to name the function enough that the reader can look it up to understand the principals behind it.

And they were arguing the same - just renaming the property rather than reusing it. You should only have one not both but naming them differently can make it clear which one you have.

But here I am arguing to not have either on the user object at all. They are only needed at the start of a request and should never be needed after that point. So no point in attaching them to a user object - just verify the username and password and pass around user object after that without either the password or hash. Not everything needs to be added to a object.

Worse, refactors make comments wrong. And there is nothing more annoying then having the comment conflict with the code. Which is right? Is it a bug or did someone just forget to update the comments… The latter is far more common.

Comments that just repeat the code mean you now have two places to update and keep in sync - a pointless waste of time and confusion.

When is the hashed password needed other than user creation, login or password resets? Once you have verified the user you should not need it at all. If anything storing it on the user at all is likely a bad idea. Really you have two states here - the unauthed user which has their login details, and an authed user which has required info about the user but not their password, hashed or not.

Personally I would construct the user object from the request after doing auth - that way you know that any user object is already authed and it never needs to store the password or hash at all.

Better yet, use LLM to generate the docs - then use it again to generate the code form the docs. WCPGW

and how can I make it easier for them.

I am wary of this. It is very hard to predict what someone else in the future might want to do. I would only go so far as to ensure nothing I am doing will unnecessarily block a refactor later on but I would avoid trying to add or abstract things in ways that make the current code harder to read because you think it might be easier for someone to add to in the future.

I have needed, far too many times, to strip out some unused abstraction to do something that abstraction was never intended to allow because someone was trying to save me time and predict what might happen to the code in the future and got it completely wrong. It is far easier to add an abstraction to simple code later on when it actually helps then to try and figure out what the abstraction is and remove it when it is found to be wrong.

This is abuse of the separation of concerns concepts IMO. You have taken things far too far many made it far less readable overall. The main concern here is password validation - and the code already separated this out from other code. By separating out each check you are just violating another principal - locality of behavior which says related things should be located close to each other. This makes things far easier to read and see what is actually going on without needing to jump through several classes/functions of abstraction.

We need to stop trying to break everything down into the smallest possibly chunks we can. It is fine for a few lines of related code to live in the same function.

Passwords should be hashed, not stored plain text! Hashes are always the same length so this is an immediate sign they are doing horribly insecure things with your password.

Honestly I think function folders is the wrong solution here. I see two different modes of exploring the code here - a high level over view of what is available and a detailed look at the actual code. Code folding to switch between these two modes is not, I think, the best way to do this. Just the easiest thing to replicate in most editors.

A better solution would be a separate view for these - maybe a side bar or overlay that you can popup when you want to navigate the code.

Rust docs has this - a summary of the methods and other symbols on the side with full descriptions in the main view.

Helix has a nice symbol picker which with some tweaks could be a much nicer way to do this:

If it did not strip so much info from the symbols it would basically show the collapsed view along side the code with the ability to search and jump to the code you are interested in. I want to see more refinement on features like this and not just have code folding which I tend to find more annoying and limiting - having to constantly collapse and expand sections when what I really want is to jump around the code base.

*in the web dev domain.

Which also has a very disproportionate representation on the web - for obvious reasons. And it is very easy to get stuck in the mentatilty that all you see if the domain you are in so you over estimate how large it is compaired to other domains. But lets not forget general application development, old large scale enterprise, embedded systems, game dev, machine learning and many more spaces where JS/TS are barely used at all.

I suspect that concurrency was used back when there were only single threaded cpus, when process scheduling became a thing, to talk about the difference between running one process after another vs interleaving the processes so they appear to be concurrent. Then once true multithreaded programs became a thing they needed a new word to describe things happening at the exact same time instead of only appearing to.

I would argue that rust has a very strong OO feature set (it just lacks inheritance which is the worst OO feature IMO). It is not seen as an OOP language as it also has a very strong functional and procedural feature set as well and does not favor one over the other letting you code in any style that best fits the problem you have.

So I would not say OO and a borrow checker are impossible or even hard. What makes less sense is a GC and the borrow checker. Though there are some use cases for having a GC for a subset of a program.

And if you only have one layer then why not just use interfaces/traits? Which are a vastly better design than inheritance.