News
Rust Language Gains Traction in .NET Community
The Rust programming language is gaining traction in the .NET community, both with Microsoft and among front-line developers.
Mozilla, the creator of Rust, said it was created in 2006 as "an alternative to C/C++," listing its distinguished features as:
- Zero-cost abstractions
- Move semantics
- Guaranteed memory safety
- Threads without data races
- Trait-based generics
- Pattern matching
- Type inference
- Minimal runtime
- Efficient C bindings
For the most recent example of Rust gaining traction among .NET developers, a new survey by the .NET Foundation asked 4,509 developers what languages they were currently using, what languages they had used in the past year and what languages they were interested in using. The top three responses for each question were:
As the figure above, shows, the top three answers for the first two questions about what languages were being used and what languages had been used in the past year were identical:
- C#
- JavaScript
- TypeScript
However, the third question about what languages respondents were interested in using showed Rust at No. 2. For the "currently using" and the "have used in the past year" questions, Rust clocked in at No. 11. So .NET developers haven't been using Rust much, but they are certainly interested in doing so.
The .NET Foundation said, ".NET developers are interested in Rust. This backs up the 2020 Stack Overflow Developer Survey, where Rust was the most loved language. There may be potential for a .NET Foundation partnership or some coordination with the Rust Foundation here."
That's not surprising considering the growing hype about Rust in the more general development community. Cases in point include:
- Facebook just joined the Rust Foundation last week, saying, "We are joining the Rust Foundation to help contribute to, improve and grow this language that has become so valuable to us and developers around the world. We look forward to participating with the other foundation members and the Rust community to make Rust a mainstream language of choice for systems programming and beyond."
- Earlier last month, Google said it was going to write some low-level Android mobile OS code in Rust for security reasons, saying, "Rust provides memory safety guarantees by using a combination of compile-time checks to enforce object lifetime/ownership and runtime checks to ensure that memory accesses are valid. This safety is achieved while providing equivalent performance to C and C++."
- Earlier in April, Microsoft announced Rust for Windows, saying "Rust for Windows (currently in preview form) is the latest language projection for Windows. Rust for Windows lets you use any Windows API (past, present, and future) directly and seamlessly via the windows crate (crate is Rust's term for a binary or a library, and/or the source code that builds into one)."
-
Also in April, we wrote about a big "Developer Economics State of the Developer Nation, 20th Edition" report from SlashData that revealed Rust was the fastest-growing language community over the previous 12 months, saying "Rust has formed a very strong community of developers who care about performance, memory safety and security." That community, though fast growing, is relatively small:
- In February, Microsoft joined the Rust Foundation as a founding member, when it said "As Rust's popularity has grown, it has continued to demonstrate outstanding language stewardship and a strong track record of keeping Rust true to its goals of performance, reliability, and productivity."
- Earlier in the year, in opening up old Win32 APIs to C# and Rust, Microsoft said more languages were to come. So Rust took precedence over TypeScript, F#, C++, Python, Java and so on. In commenting about the language projections used to open up those old APIs to newer languages, Microsoft said, "The Rust language projection follows in the tradition established by C++/WinRT of building language projections for Windows using standard languages and compilers, providing a natural and idiomatic way for Rust developers to call Windows APIs."
- About a year ago, a big Stack Overflow survey said Rust was the "most loved" programming language -- for the fifth year in a row, with SO commenting, "Rust promises performance, control, memory safety, and fearless concurrency -- an enticing combination, especially for systems programming. It has also brought some interesting features -- like affine types and hygienic macros -- into the mainstream discourse. Coupled with an open development process, it makes sense that many programmers (even those that don't use it) hold Rust in high esteem."
But Microsoft's interest in Rust dates back much further, going back to 2019 when C++ memory bugs prompted it to eye Rust instead for low-level systems programming. "The majority of vulnerabilities fixed and with a CVE [Common Vulnerabilities and Exposures] assigned are caused by developers inadvertently inserting memory corruption bugs into their C and C++ code," said Gavin Thomas, principal security engineering manager on the Microsoft Security Response Center (MSRC) team, in a July 2019 post titled "A proactive approach to more secure code."
That post was followed by others including: "We need a safer systems programming language" and "Why Rust for safe systems programming."
A couple more Rust-oriented posts were published by the MSRC last year, but nothing since August 2020.
Rust is still on the minds of Visual Studio Magazine readers, though. Just this week, in commenting on the article "What's the Top App Model Used by .NET Developers?" a reader asked if Microsoft is embracing Rust and if it's easy to learn. Another reader responded: "Yeah MS is embracing Rust. They're replacing a bunch of C++ that has unsafe memory issues in the Windows kernel. It's no harder than learning any other programming language. The only harder part is it forces you to write memory safe code or it won't compile."
Rust is also very much on the minds of Visual Studio Code users, as a survey published about a year ago showed VS Code is the No. 1 editor used by Rust developers. To help them out, in the VS Code Marketplace is a "Rust support for Visual Studio Code" extension that has been installed more than 1 million times, still in preview.
For developers wanting to jump on the never-sleeping Rust bandwagon, Microsoft has published:
Be warned, though, that with increasing popularity come bad actors, infringing on those vaunted security concerns. Just yesterday this article was published: "A Rust-based Buer Malware Variant Has Been Spotted in the Wild."
About the Author
David Ramel is an editor and writer at Converge 360.