it's incredibly cool to me that rust has gotten mature enough that the stdlib/compiler can just import its hashmap impl from the package manager without compromising on quality but also terrifying because god that's incredibly dangerous/complex/important code to just version bump

specifically i think it is malpractice to ship changes to this code without careful and thorough review. so there's a certain merit in the possibility that changes can just *not* ship because no one wants to review but if it's just another dependency, it's so easy to bump...

to be clear i have a ton of respect for the author of the proposed replacement, they're extremely responsive and clearly care about correctness and quality, but i literally don't trust any single human to get this stuff right. there needs to be the redundancy of review.

I agree with your caution but would also advise against unrealistically high standards. We’re already far beyond the review burdens of Linux kernel patches or JS JITs, both of which are trickier and more consequential than hash map implementations.

lol linux kernel reviews.

(Not saying the Linux kernel is what we should strive to, mind you) :)

I have very strong opinions about how totally fucked the kernel review system is :)