Almost six years after it debuted, the Rust programming language is moving out of the Mozilla’s house into a foundation of its own.
Mozilla and the Rust community on Monday plan to announce the creation of the Rust Foundation to oversee the sustenance of the language.
The non-profit foundation will manage the IT and administrative infrastructure that supports the open source Rust developer community, and will continue its technical governance of the language. It will do so with a budget of more than $1m annually, supported by founding member companies Amazon Web Services, Huawei, Google, Microsoft, and Mozilla.
“Mozilla incubated Rust to build a better Firefox and contribute to a better Internet,” said Bobby Holley, principal software engineer at Mozilla and Rust Foundation board member, in a statement provided to The Register. “In its new home with the Rust Foundation, Rust will have the room to grow into its own success, while continuing to amplify some of the core values that Mozilla shares with the Rust community.”
Based on a research project by then Mozilla developer Graydon Hoare, Rust saw its 1.0 release in 2015. As a systems programming language, it’s unlikely to become as popular as higher-level languages that have a lower learning curve, like Python. Still, it has become moderately popular in the overall scheme of things and is now among the top options for those working on projects that prioritize security and stability.
While it only reached the top 20 programming languages last year, Rust has proven to be appealing because it can provide both performance and memory safety and because its online community has been well-run. It has been voted the “most loved” programming language five years in a row in Stack Overflow’s annual developer survey.
In Rust we trust: Shoring up Apache, ISRG ditches C, turns to wunderkind lang for new TLS crypto module
For companies working on software projects that operate on a massive scale, Rust may be even more appealing. The Internet Security Research Group’s decision to create Apache httpd module
mod_tls in Rust to eventually replace
mod_ssl, written in C, follows from the language’s ability to improve memory safety.
At the AllThingsOpen virtual conference in May 2020, Microsoft cloud developer advocate Ryan Levick gave a presentation in which he explained why Microsoft is increasingly using Rust.
“The fact of the matter is that memory safety issues account for a large majority of CVEs (vulnerabilities) that we encounter in the wild,” he explained, citing the lack of memory safety in C++ as the source of many woes.
Other leading technology companies like Apple, Amazon, Dropbox, Facebook, and Google, he said, have also recognized the benefits of Rust’s safety capabilities.
In a blog post provided to The Register prior to publication, Ashley Williams, a member of the Rust Core team, said the first Rust Foundation board meeting has been scheduled for February 9th, at 1400 PT.
The group’s ten-person board of directors consists of one representative from each of five founding member companies and five directors involved in Rust project leadership – two from the Core team and three focusing respectively on reliability, quality, and collaboration.
Williams emphasized not only that Rust represents a technical endeavor that strives to balance power with accessibility, but also that the project exemplifies a model for community and collaboration.
“Rust believes that the ability of anyone to participate in the design and development of Rust is a mission critical aspect of building a language and ecosystem that is truly accessible to everyone,” she said.
In an email to The Register, Williams emphasized that The Rust Foundation intends to focus on the needs of project maintainers.
“We believe that the best possible Rust will be built by happy and supported people,” she said. “With this in mind, I expect us to focus on developing methods for evaluating the quality of both the maintainer experience and then developing services and programs that help improve that.”
“There are certain things the project has already identified as areas to target, including leadership and management skills, as well as collaboration, mediation, and conflict strategies. I also expect us to build new, and strengthen our existing, organizational relationships with other projects such as LLVM, as well as academic, research, and community organizations.”
Williams said that the foundation is likely to focus on issues that volunteer organizations find challenging, like access to legal and financial planning resources.
“These and other services will help the project tighten up product policy and better execute events and programs such as the Rust All Hands, which lets us gather our more than 100 global project leaders for a week of direct sync collaboration, and Increasing Rust’s Reach, a program designed to help folks from groups underrepresented in Rust become project contributors and leaders,” she said.
Rust’s greatest challenge at the moment, Williams said, is managing success.
“Rust is at what I anticipate is just the beginning of a large wave of adoption, and as has been seen in both open source and private organizations alike, this type of exponential growth can be a challenge to even the strongest and most resilient communities and cultures,” said Williams.
At the same time, Williams acknowledges that Rust has to deal with issues that most significant open source projects eventually confront like auditing costs and developing a sustainable environment for maintainers.
“We talk about ecosystems in tech all the time, but rarely do we critically engage with the balancing act that comes with healthily sustaining them,” said Williams. “Too often still, both industry and hobbyists alike see open source as without cost, but unlike the canonical saying ‘free as in beer,’ open source is more akin to ‘free as in puppy.'”
For those who’ve never been given a puppy, suffice to say that you pay in other ways. ®