Zig feels more practical than Rust for real-world CLI tools

Original Article ↗ Hacker News Discussion ↗

Zig vs Rust Memory Safety

  • Zig compiles to machine code but can also emit C (non‑portable) and translate C → Zig; this doesn’t make it “secure C”.
  • Compared to C, Zig adds bounds‑checked slices, optionals, and safer defaults, preventing many spatial errors (out‑of‑bounds, null deref, type confusion).
  • Compared to Rust, Zig still allows temporal bugs (use‑after‑free, data races). Several commenters point to real‑world segfaults in Zig projects (e.g., Ghostty, Bun) as evidence of this gap.
  • One line of argument: spatial bugs dominate CVEs, so Rust’s extra temporal guarantees may be “8th order” and not always worth the complexity; others counter that in domains like kernels, browsers, and VMs, temporal bugs matter a lot.

Discipline vs Language Guarantees

  • The article’s “basic understanding + discipline is enough” line draws heavy criticism; many recount large C/C++ codebases where static analyzers immediately revealed heaps of classic memory bugs.
  • Critics argue that even very skilled developers are fallible over decades, bad days, and large teams; relying on discipline scales poorly.
  • Defenders of Zig note that arenas, temp allocators, and Zig’s tooling can make many patterns effectively safe in practice, especially for short‑lived utilities.

Borrow Checker, Ergonomics, and Arc

  • Rust’s borrow checker is widely acknowledged as initially frustrating; supporters say seasoned Rust developers “think like the checker” and structure data differently (indices, arenas, ECS, etc.).
  • Others argue that even experienced teams hit painful refactors when requirements change (e.g., formerly independent data now must be mutated concurrently), and lifetimes/ownership can be overbearing for exploratory coding.
  • There’s debate around heavy use of Arc, Rc, RefCell, and .clone():
    • Some see this as “giving up” and emulating a GC with extra syntax.
    • Others say shared ownership is sometimes the right abstraction, especially with async runtimes, and safe Rust still prevents UB.
  • Several note that Rust improves correctness beyond memory safety via sum types, exhaustive matching, and explicit error handling, but at compile‑time and cognitive cost.

Use Cases: CLI Tools and Beyond

  • Many argue that for small, short‑lived CLI tools:
    • GC languages (Go, Python, Nim, etc.) are often sufficient and easier.
    • Manual frees can be skipped and left to process exit.
  • Pro‑Zig voices claim Zig hits a sweet spot for CLIs: C‑like simplicity, great cross‑compilation, fast builds, and “enough” safety without Rust’s complexity.
  • Others respond that CLIs often run as root or on untrusted input, so Rust’s stronger guarantees are still valuable.

Other Languages and Historical Context

  • Nim, Odin, V, D, Swift, OCaml, Modula‑2/3, Oberon, and GC’d systems (Java, C#, Go) are brought up as alternatives:
    • Swift and GC languages are cited as examples that can be both safe and ergonomic, at different performance points.
    • Historical attempts at safe systems languages (Modula‑3, Oberon, Cedar, etc.) are mentioned; some attribute their limited adoption to management and ecosystem, others to insufficient “fitness advantage”.
  • Go is praised for CLI deployment and tooling but criticized for its simplistic type system and awkward standard APIs.

Security, Undefined Behavior, and Risk Tradeoffs

  • Several participants emphasize that undefined behavior invalidates any reasoning about a program; safe Rust’s key value is eliminating UB in safe code.
  • Others argue that:
    • You can write large memory‑safe C/C++ systems with enough tooling and discipline, though this is disputed.
    • Overall security risk comes from many sources (SQLi, CSRF, logic bugs), not just memory safety.
    • For some products (e.g., JVM vs. Java apps), investing in higher‑level security may yield more benefit than eliminating all UAFs in the runtime.

Meta Reactions to the Article

  • Some see the blog as click‑bait: heavy ads, strong anti‑Rust framing, and self‑promotion, with little concrete code to back key claims (e.g., the notes CLI example).
  • Others appreciate Zig’s goals but view the article as underplaying Rust’s proven safety benefits and overstating the practicality of “just be disciplined” in real‑world teams.