MoreRSS

site iconPredrag GruevskiModify

Blog Dev
An independent software engineer applying compiler technology to the data space. I most often write about Rust, compilers, performance optimizations, and data querying technology.
RSS: https://predr.ag/atom.xml
Please copy the RSS to your reader, or quickly subscribe to:

Inoreader Feedly Follow Feedbin Local Reader

Rss preview of Blog of Predrag Gruevski

XORry Not Sorry: The Most Amusing Security Flaws I've Discovered

2025-04-01 08:00:00

Happy April 1st! This post is part of April Cools Club: an April 1st effort to publish genuine essays on unexpected topics. Please enjoy these true stories, and rest assured that the tech content will be back soon!

The mouse started moving. Not the one on the desk, the pointer on the screen! First to the left, then down to the bottom corner.

*Click!* The Windows Start menu came up.

"cmd" wrote a silent hand on an invisible keyboard. It downloaded a file from a random-looking URL, then executed it.

*Pop* went both the computer and the illusion of security.

When is "this trait can be implemented" part of the trait's public API?

2025-03-08 08:00:00

cargo-semver-checks v0.40 ships a massive upgrade to its system for detecting sealed traits. The new system is an all-around win-win: it improves the accuracy of a dozen existing lints, enables a new series of helpful lints, handles cyclic trait relationships, and is also faster than the old system. All that took a lot of work! Here's a look at how we made it happen.

"We never update unless forced to" — cargo-semver-checks 2024 Year in Review

2025-01-21 08:00:00

cargo-semver-checks ends 2024 having improved dramatically over the course of the year: 12 new releases featuring 63 new lints, with 1175 merged PRs from 57 authors across the many repos that make the project tick. Let's recap what we learned, the biggest things we shipped, and the facets of the project that made it to the conference and podcast circuits.

Breakage! in the Cargo.toml — How Rust Package Features Work (And Break)

2024-12-04 08:00:00

cargo-semver-checks v0.37 can now scan Cargo.toml files for breakage! In this post: a primer on Rust package features, and how innocuous-looking Cargo.toml changes can break your users.

Is this trait sealed, or not sealed — that is the question

2024-09-03 08:00:00

cargo-semver-checks v0.35 can determine whether Rust traits are "sealed", allowing it to catch many tricky new instances of SemVer breakage. Why is accurate sealed trait detection so important, and why is implementing it correctly so hard?

How to Query (Almost) Everything

2024-07-22 08:00:00

In 2022, I gave a talk at a virtual conference with an unforgettable name: HYTRADBOI, which stands for "Have You Tried Rubbing a Database On It?" Its goal was to discuss unconventional uses of database-like technology, and featured many excellent talks.

My talk "How to Query (Almost) Everything" received copious praise. It describes the Trustfall query engine's architecture, and includes real-world examples of how my (now-former) employer relies on it to statically catch and prevent cross-domain bugs across a monorepo with hundreds of services and shared libraries. For example: