Rust's problems and concerns

As free software users, we all enjoy using the latest and greatest in free software, but we need to make sure that the software we are using really does respect our freedom. The desire to run Rust is clear to be seen, since it appears to be fully free software, but it still fails in several ways.

What are the issues?

Rust and also Cargo (the Rust package manager) violate the freedom to redistribute without “explicit” approval. Their approach to protect their trademark imposes requirements for the distribution of modified versions that make it inconvenient to exercise freedom 3. To quote:

Distributing a modified version of the Rust programming language, compiler, or the Cargo package
manager with modifications other than those permitted above and calling it Rust or Cargo requires
explicit, written permission from the Rust Foundation. We will usually allow these uses as long as the
modifications are (1) relatively small and (2) very clearly communicated to end-users.

Exactly the phrases relatively small and very clearly communicated to end-users are parts of the problems: They are vague in their meaning and it is clear that the Rust Foundation has no real interest to have modified versions distributed. So for example to have Cargo removed as otherwise non-free packages could be used from projects being compiled. In fact Rust is that kind of complex with demanding dependencies that a removal of its internal package-management (Cargo) makes it not working and so there are even plugins to control licenses before applying something. That violates also Hyperbolas point of minimalism and the possibility to rebuild any package with own modifications from users at any given time! We talk here about making free, libre software good to handle and learn for technical emancipation, while Rust is going even more complicated and complex.

In short, the Rust Foundation won't be happy with us applying patches and modifications to their language without “explicit approval”, so it is a freedom issue. We should not have to ask for modifications and we do not ask for permission.

A free and libre oriented system cannot provide a package-manager besides its own to preserve the autonomy of the free system itself. What the users are doing is their own decision, but they should be always able to assure a consistent free and libre oriented system outside their own decisions that they are responsible for.

But that is not the only point: If we would remove Cargo, we would need to ask for permission when we call the package Rust. And if we remove the package-manager (Cargo) we also create a not useful result as Rust depends on it fully when building. If we add needed dependencies for software based on Rust, we enlarge the number of our packages provided. In fact the intention of Hyperbola to offer a system oriented on simplicity and minimalism is breached when we add more complexity.

To summarize the issues:

  • demands to ask for allowing modifications
  • complex structures
  • mandatory package-manager for building
  • packages downloaded at build-time can be non-free, so keeping that outside makes the whole build-system and infrastructure even more complex

The listing above only shows the major points, furthermore the Rust-Foundation is overreacting in our perspective with their language and demands handlings violating in fact free, libre software as it is based most on ethics and moral decisions as important, not what possible legal issues could be there.

Big Picture

There are important applications integrating Rust as a first-class language. Tor is one of them, and they have concluded their new implementation called "arti" written in Rust and the Linux-kernel with its Rust-implementation is also growing.

As an alternative to Tor, i2pd (I2P Daemon) may be used. It is a full-featured C++ implementation of I2P client, useful for building and using the anonymous I2P network. However, i2pd isn't compatible with the Tor network and uses .i2p rather than .onion sites (also known as Tor Hidden Services).

Also many other projects are changing their approach or get a complete rewrite in Rust as first-class language, some further examples:

The list can be enhanced for sure and clear to say that Rust is not only some sideload toolchain. As the buzzword “memory safety” is being in usage more and more projects get on this. Yes, the rewrite of GNU coreutils is not the main project. But who says exactly that this won't be the near future? As all the other points in this article were long before described, not solved and just accepted. It is a bad and foul compromise, endangering freedom of choice, user freedom for sure and also the freedom for system-distributions and operating-systems like Hyperbola.

It should be also mentioned that the Rust Foundation has a comparable members-list like the Linux Foundation. Speaking about a “community” is therefore not fitting in any way as those members are just companies and corporations. Neither Rust nor Linux are real community-oriented software and the FSF has failed to fork the kernel as GNU/Linux-libre for a long time now. That's the point for Hyperbola to become independent in a whole.

The point here is that Rust is not only a programming-language and the build-process needs essential Cargo to download further dependencies. As a current perspective there are 163.482 so-called “crates” available at crates.io. Every so-called crate is comparable to an own third-party library, possible to be downloaded and included right at build-time. In fact there is no complexity-reduction with Rust at any given point it is also not possible to patch any kind of simple solution back into this failed architecture.

Solutions

In fact Rust is failing any further simple solution, so we only list the common ones possible for a generic compilation. Without any doubt Rust fails to correspond towards the claims and principles Hyperbola is following:

  • Rebranding the entire language to avoid the trademark restriction. Such as IceCat was made to replace Firefox and Iceweasel-UXP to replace Basilisk; however it is a programming language, not a browser. A rebranded version of Rust maintained by the GNU Project and FSDG-compliant distros could be the way. However, we would need patches to adapt all Rust-dependant applications to the modified version of Rust, since it is a programming language. We would also need to maintain a list of nonfree cargo packages (crates) for blacklisting purpose.
  • Getting Rust to change its trademark agreement to allow modifications on the rust binary for any purpose in respect of Freedom 3.
  • Keep all Rust-based projects aside and focus only on the ones with a clear stance and accept not to include Rust in any way.

Hyperbola has taken the decision to keep Rust complete out of the repositories, including also all applications and libraries using Rust. We decline this kind of “freedom” under the influence of overreactions and enforcing a non-permissive approach for also more comprehensive changes. We also decline complexity generic so we do not accept package-managers for every single language or interpreter.

About Rebranding

We know that there is the claim it would be “easy to rebrand like Mozilla Firefox”, so we want to take this point and explain further why those things are different levels of complexity.

Rust is a complex language and framework including also an own package-manager, documentation and sources for building. Firefox is an application for users. Rebranding an application is one thing and rebranding a complete programming-language is not comparable. When people use this claim for Rust, they are doing something being not honest in the perspective that it is not sufficient to just rename some resulting binaries: The rebranding of Rust includes not only the binaries and some messages, there is the documentation, the included sources, naming for files, possible notes within the source-files, libraries and also the whole building-framework around. Yes, we also know about the project CrabLang. But that exactly underlines again our points: If it would have been that easy as some people say, this project would have already made a stable release and informed about that.

And all besides rebranding alone is also not enough: As we also mentioned already that Cargo may pull non-free packages and dependencies. Again to point out: It is not enough to talk about “rebranding” as Rust itself needs therefore also to be completely reworked for having it easier to handle with its dependencies at build-time.

Comparisons with other software trademarks

Some users have correctly mentioned that many other software packages have trademarks, do we plan to remove them all? No, but we see trademarks generic also not under a positive aspect when they are used that kind of harsh.

As an example, neither Python PSF nor Perl Trademarks currently prohibit patching the code without prior approval. They do prohibit abuse of their trademarks, e.g. you cannot create a company called “Python”, but this does not affect your ability to modify their free software and/or apply patches. And to underline again: We just refer towards patching the software-packages, not towards the generic trademark.

Due to the very strict written modification-clause, Rust is a non-permissive trademark that violates user freedom.

But including Perl and / or Python, while both having also a strong trademark?

Both projects have a clear trademark to protect the usage of the software itself against fraud. There is a difference as Python and Perl allow patching and modification defined within the four freedoms.

From Python:

(...)

Use of the word "Python" when redistributing the Python programming language as part of a freely 
distributed application -- Allowed. If the standard version of the Python programming language is 
modified, this should be clearly indicated. For commercial distributions, contact the PSF for permission if 
your use is not covered by the nominative use rules described in the section "Uses that Never Require 
Approval" above.

(...)

From Perl:

(...)

People sometimes ask if TPF's use of an onion in the Perl logo means that independent projects that use or 
relate to Perl need TPF's permission to use an onion of their own design in connection with their project.
​
The answer is "not necessarily" as long as no likelihood of confusion is created. One of the fundamental 
legal bases for trademark protection is to make sure that the public can depend on a mark as an accurate 
indicator of a particular source or relationship, and one way of defining trademark infringement is to say 
that the infringing mark creates a likelihood of confusion. Likelihood of confusion is determined based not 
only on making a comparison of the marks side-by-side, but also on making a comparison of the contexts 
in which they are actually used. Thus, it's easy to imagine independent onions that would be fine, and 
independent onions that might not be. Contact us at trademark@perlfoundation.org if you have any 
questions, or would like us to evaluate a particular logo or usage to see if it would be an infringement.

(...)

The comparisons are done intentional as Rust has no further interest within patching and modifications outside for special use-cases. We refer here exactly to the point again: It is possible to modify Python and Perl, calling both same way. It is not possible to modify Rust and a modification and complete rebranding is beyond possible without approaching that generic. So this is surely no point for a small team and project like Hyperbola!

And we close again for all interested with the definition of freedom: Freedom is the power or right to act, speak, and change as one wants without hindrance or restraint. Demanding the opposite is not freedom per definition and surely freedom always is included with responsibility. So we speak only on behalf for Hyperbola as project as we write down our reasoning. Others may see it different, but this does not redefine our points here.