It seems like a number of Debian ports are going to face difficult times over the coming months. Debian developer Julian Andres Klode has sent a message to the Debian mailing lists that APT will very soon start requiring Rust.
I plan to introduce hard Rust dependencies and Rust code into APT, no earlier than May 2026. This extends at first to the Rust compiler and standard library, and the Sequoia ecosystem.
In particular, our code to parse .deb, .ar, .tar, and the HTTP signature verification code would strongly benefit from memory safe languages and a stronger approach to unit testing.
↫ Julian Andres Klode
The problem for a lot of architectures that Debian supports, in one way or another, is that Rust and its toolchain simply aren’t available for them. As such, Julian Andres Klode states, rather directly, that these architectures have about six months to get themselves a full Rust toolchain, or sunset their Debian ports. The Debian PA-RISC (hppa) and Alpha ports, for instance, do not have a Rust toolchain port, and most likely won’t be getting one either, especially not within six months.
The reasoning for moving towards a hard Rust dependency for APT is the same as it is in every other similar case: Debian’s and APT’s developers want to be able to make use of modern tools and technologies, even if that means dead architectures get left behind. As much as I am a massive fan of retro-architectures like PA-RISC, I really don’t want otherwise modern Linux distributions to eschew modern tools and technologies just because they’re not available for an architecture that died in 2005. I own and use the last and most powerful PA-RISC workstation running HP-UX as a retro platform, so I definitely care – but I really don’t expect Debian or Fedora or whatever to waste any resources on supporting them if that means holding the distributions back for everyone else using it on actually modern platforms.
If there’s a large enough community of people around such architectures, they’ll keep the Linux train running. If not, well, that’s life.
The Ubuntu and Debian guys seem to have lost their collective minds rewriting core utils but luckily there are more conservative options like Net/OpenBSD and Slackware
What’s the problem with improving stuff?
Nothing if it really does improve anything. Rewriting in Rust is like Hollywood rebooting successful movies
Cleaning stuff, decreasing attack surface, making accessible to new developers…
bubi,
We could continue using unsafe languages like C/C++ indefinitely, but after so many decades of software having memory faults, vulnerabilities, breaches etc, I do think it’s time we start plotting paths for a better future for reliable software. Memory safety is a good example of something the industry has managed to improve significantly with new languages. Things like ASLR and memory tagging are bandaids that have limitations and don’t truly address the underlying cause of memory faults like safe languages do.
I admit not everyone agrees with the decision to switch, but I am afraid that many of them are sweeping objectively real problems with memory safety under the rug. This movement to safe languages will take a long time, but I do think we’ll be better off for it long term.
The last time I tried was 2 years ago, and my hppa C8000 ran Debian sid almost perfectly. I couldn’t get hardware acceleration on the Radeon, some nasty old bug, but everything else ran great.
I wish we would live in a society where we would start seeing energy as the endless resource it is (at least for a few billion years) and materials as finite (which they are). But we seem to be very keen into condemning good hardware to the landfill (and doing our best to exhaust our resources in a few hundred years) rather than going the extra mile to keep as many of them as functional for as long as possible.
Funny that I can do 99% of what I need to do with a computer from my nextstep 3.3 box, including printing to a new postscript printer and email. Banking I can do from my phone.
So, to add to my list of wishes, if the web would not suck so much and progress would slow down a bit so we could toss less things in the trash, would be great, really.
Indeed luckily there are more conservative options.
I’m getting a confusing message from your post. If your hppa machine is such a good fit for your current needs, how come you haven’t used it in 2 years ?
Most negative feedback to this kind of news feels so reactionary for the sake of it, with many theoretical arguments thrown around that it’s always hard to get if one is indeed sincere.
I’m generally sad to see anything hit the landfills, indeed. But hinting at open source projects being a noticeable driver for it when they deprecate architectures that have mainly ceased to see any real world usage for 15+ years, compared to what really contributes to that problem… I have a hard time seeing this as reasonable.
In any case, if the devs themselves don’t feel like maintaining the tools on their old foundations, I don’t think basic users like myself have any moral right to jeer at them. When Debian shut down the ppc port, I was sad, sure, but unless I do invest time in maintaining it, I don’t think I’m entitled to have others to do it on their free time either when it doesn’t suit them any longer (nor on paid time from their employers for whom there’s nothing much to gain).
I use it – HP-UX.
I’m not upset that developers are dumping geriatric platforms. It does indeed take time to maintain, and energy. I’m just sad at the whole “waste of resources” culture that gets us into this state where a web browser rendering about:blank consumes gigabytes of memory, and where a phone that is perfectly capable of recording and reproducing 4K video is also doomed to the landfill.
This is much bigger than any single developer or Linux distribution. It is just a result of Big Tech concentration and customers, with their incomes squeezed, coming to expect software for free and paying for the hardware. We should be using hardware as long as possible and paying for good, efficient software instead of generating trash and getting “free software”.
And I also hate that developers work for free on the things they love and get paid to deliver rubbish at Big Tech.
We really need to have a safe but backward compatible version of C++ so that we can have the safety of Rust without all the downsides of incompatibilities.