Issue #11: Svelte Summit, Rust in JS, Trait Thoughts
Welcome to yet another issue. I'm going to try changing things up a bit and put the original content at the top with the links to other interesting stuff below. Let me know what you think!
What I'm Working On
Ergo is coming along well. I have most of the implementation done for running actions, and it's just about ready for a full end-to-end test.
Scripting
Once that's working, one of the next steps will be to add in the Javascript component to actually make it a "low code" product. After looking around at various Rust solutions for Javascript embedding, I've settled on the deno_core crate. Yes, the same one developed by the Deno project for use in their framework.
The Deno implementation has a few advantages. Notably, it uses V8 and so will get all the performance, flexibility, and security provided by a world-class Javascript VM. But the Deno developers have also provided some really nice abstractions to make it easier to work with. A sample:
Easier ways to manage V8 isolates and the event loop.
Abstractions over "ops", which allow the Rust environment to expose functions for the Javascript code to call.
A flexible module loading system to allow importing from the filesystem, the network, and so on.
Pluggable libraries, so that potentially insecure functions like fetch can be added only in the instances that should be allowed to use them.
I've barely scratched the surface on this, but should have much more to say about embedding deno_core inside Rust as time goes on.
Wrapped Trait Objects
There's a place in Ergo where I have a pluggable Postgres authentication provider. It has the option to get the role info from Hashicorp Vault, a fixed username and password provided from the environment, or a mock provider for testing.
Initially, the implementation was using a Arc<RwLock<VaultClient>> for this. The VaultClient would be locked for writing when updating its internal Vault credentials, and locked for reading when refreshing the Postgres authentication.
When adding the fixed authentication, I changed this to a trait object Box<dyn PostgresAuthRenewer. But this revealed a number of issues. A trait used as a trait object actually can not require Clone, which would not do in this case where I needed to be able to freely pass the Arc clones across async boundaries.
Next I tried moving the trait to be implemented on just VaultClient, so I ended up with a Arc<RwLock<Box<dyn PostgresAuthRenewer>>>. With the locking outside the trait object, it sort of worked. The Box inside an Arc was a little gross, and it would lock the object for the fixed auth even though it wasn't necessary, which was also gross but not a big deal.
The final straw was in testing. The mock object used in the tests needs to lock itself for writes briefly so that it can update some statistics, but this became difficult with the locks being handled outside the implementation.
Finally, I settled on Arc<dyn PostgresAuthRenewer>. This way the locking is all handled inside the trait implementation, it can be cloned, and there's no extra layer of indirection by putting a Box inside an Arc. Works great!
At some point I'll turn this writeup into a more full-featured blog post with real code samples.
Recommended Reading and Videos
Svelte Summit
The big news from this weekend was yet another Svelte conference with speakers from all around the world. I wasn't able to catch it live since it started at 3AM local time, but I've watched a few of the videos so far and they have been quite good. Definitely recommended if you're into Svelte or just curious about it.
Replit - Why We Switched From Webpack To Vite
Vite has been seeing a lot of uptake recently in the "really quick development builder" world, and this is a good example of why. I haven't had a chance to play with it yet, but probably will later this year as we attempt to move away from Webpack at work.
Incidentally, Replit has been doing a lot of cool stuff too. It's great to see a company that is enabling people to develop in all sorts of ways without requiring fancy hardware or "first-world adult" budgets. I'm looking forward to seeing more from them in the future.
If you enjoyed this, I'd love if you share it with a friend (sign up here) or just reply to this email with your thoughts. Thanks for reading!