🖨️ {fmt} — The C++ formatting library that should have existed from the start

Every C++ developer knows the pain.

`printf` is fast but unsafe — wrong format string, undefined behavior. `std::cout` is safe but verbose and slow. For decades there was no good middle ground. 💀

📦 Header-only & drop-in simple
One header, done. No build system changes, no heavy dependencies. No coincidence — spdlog uses {fmt} under the hood.

fmt::print("Connection from {} on port {}", ip, port);

Readable. Clean. No << chaos.

⚡ Faster than printf
Sounds too good to be true — but it's benchmarked. {fmt} beats printf in most cases because it knows more about types at compile time and decides less at runtime.

🛡️ Type-safe & compile-time checks
The real game changer:

fmt::print("{} {}", name); // ❌ Compile Error — argument missing

With printf that would have been silent undefined behavior. With {fmt} it breaks at compile time. Exactly where errors should be caught.

🔗 The red thread to C++20
{fmt} became so good it served as the blueprint for std::format in C++20. Using {fmt} today means learning the future of the C++ standard library at the same time.

🐧 printf was yesterday. cout is verbose. {fmt} is what C++ formatting should have always been.

#Cpp #Linux #SystemsProgramming #OpenSource

🔐 Been looking into hardening Unix Domain Sockets on Linux lately – here are some takeaways.

🛡️ Filesystem permissions: don’t rely on chmod on the socket file alone – some systems silently ignore it (hello SELinux). Protect the directory it lives in with 0750 and watch out for umask when calling bind() – it silently masks your intended permissions. Set umask before bind(), not chmod after.

🔍 Peer authentication: SO_PEERCRED after accept() gives you the PID, UID and GID of the connecting process, verified by the kernel. But it only captures credentials at connect() time – if the peer changes identity later, you won’t see it.

📨 Per-message auth: SCM_CREDENTIALS via sendmsg/recvmsg solves that. The kernel verifies the credentials on every message, even if the sender tries to lie. Essential when processes switch identity during their lifetime.

⚡ SOCK_SEQPACKET instead of SOCK_STREAM is worth considering. You get atomic message boundaries from the kernel – no custom framing, no partial reads, no glued-together messages.

🚦 Rate limiting unfortunately has to happen in userspace – the kernel offers nothing useful for per-peer UDS rate limiting. A simple token bucket per connection does the job.

Anyone else spent time hardening UDS? Curious what else people do beyond the basics.

#Linux #UnixDomainSockets #Security #SystemsProgramming #IPC #Infosec

The Cost of Indirection in Rust

https://blog.sebastiansastre.co/posts/cost-of-indirection-in-rust/

#HackerNews #CostOfIndirection #Rust #Programming #Performance #Optimization #SystemsProgramming

Rust 1.94.0 Released with Array Windows and Cargo Improvements

https://techlife.blog/posts/rust-1-94-0-released/

#RustLang #Rust #Programming #SoftwareDevelopment #SystemsProgramming #OpenSource #Cargo #ArrayWindows #TOML #ConstEval #RustRelease

Ruby provides a powerful interface for building native extensions, allowing Ruby code to call C functions directly.

The article walks through:

• the structure of a Ruby C extension
• compiling with extconf.rb
• argument conversion between Ruby and C
• wrapping native structures
• using Rust as an alternative for building extensions

Includes practical code examples for building your first native Ruby binding.

https://rubystacknews.com/2026/03/04/writing-ruby-bindings-for-c-libraries/

#ruby #systemsprogramming #opensource