IdeaWell

Project ideas from Hacker News discussions.

Banned C++ features in Chromium

Original Article

Hacker News Discussion

📝 Discussion Summary (Click to expand)

1. Banning Features Due to Historical Constraints and Codebase Specificity

Many participants argue that the banned list is not about the features' inherent quality but stems from Google's massive legacy codebase and monolithic repository. Using a standard library feature would be impractical if an older, proprietary alternative already exists and is deeply integrated. This is often viewed as a form of "Not Invented Here" (NIH) syndrome or a pragmatic necessity for uniformity in a giant project.

  • Night_Thastus: "Nothing particularly notable here. A lot of it seems to be 'We have something in-house designed for our use cases, use that instead of the standard lib equivalent'."
  • dmoy: "There's some massive NIH syndrome going on. Another piece is that a lot of stuff that makes sense in the open source world does not make sense in the context of the giant google3 monorepo with however many billions of lines of code all in one pile."
  • dfajgljsldkjag: "The banned list proves that context matters more than having the newest tools. These features work well for small apps but they cause problems in a project this size."

2. The Exception Handling Debate: Practicality vs. Robustness

The ban on C++ exceptions is a major point of contention. Participants are divided. One side defends the ban on practical grounds: Google's existing code is not exception-safe, and retrofitting them is too costly. The other side argues that exceptions are a superior error-handling mechanism to error codes, offering better safety and cleaner code separation, especially when using modern language constructs (like std::expected).

  • pjmlp (quoting the guide): "Our advice against using exceptions is not predicated on philosophical or moral grounds, but practical ones. ... Things would probably be different if we had to do it all over again from scratch."
  • jandrewrogers: "In low-level systems software, which is a primary use case for C++, exceptions can introduce nasty edge cases that are difficult to detect and reason about. The benefits are too small to justify the costs to reliability, robustness, and maintainability."
  • kllrnohj: "If you forget to handle a C++ exception you get a clean crash. If you forget to handle a C error return you get undefined behavior and probably an exploit. Exceptions are more robust, not less."

3. The char8_t Controversy and C++ Portability

The discussion reveals a deep skepticism about the utility of the char8_t type introduced in C++20. Critics argue its design is flawed, as it's not truly 8-bit guaranteed and is incompatible with existing APIs, forcing casts everywhere. The debate extends to the broader question of whether C++ should prioritize support for esoteric, non-8-bit-byte platforms at the expense of simplicity for the vast majority of users.

  • vitaut (quoting the guide): "Non-UTF-8 encodings are rare enough in Chromium that the value of distinguishing them at the type level is low, and char8_t is not interconvertible with char... so using u8 prefixes would obligate us to insert casts everywhere."
  • 20k: "char8_t also isn't guaranteed to be 8-bits, because sizeof(char) == 1 and sizeof(char8_t) >= 1. On a platform where char is 16 bits, char8_t will be 16 bits as well. The cpp standard explicitly says that it has the same size, typed, signedness and alignment as unsigned char, but its a distinct type. So its pretty useless, and badly named."
  • LexiMax: "Is there a single esoteric DSP in active use that supports C++20? ... It really does seem that trying to be the language for all possible and potential architectures might not be the right play for C++ in 202x."

🚀 Project Ideas

BanGuard

Summary

  • A static‑analysis and CI‑integrated tool that enforces a project‑specific banned‑API list (e.g., Google’s style guide, custom in‑house rules).
  • Provides auto‑fix suggestions, linting, and a dashboard for compliance metrics.

Details

Key Value
Target Audience C++ teams with legacy codebases or strict style guides (Chromium‑style, embedded, finance).
Core Feature Parses source, matches banned symbols, reports violations, offers quick‑fixes, and integrates with GitHub Actions / GitLab CI.
Tech Stack C++17, Clang tooling (libclang), Python for CI scripts, React for web UI.
Difficulty Medium
Monetization Revenue‑ready: subscription tiers for enterprise support and custom rule sets.

Notes

  • HN commenters lament “we have something in‑house designed for our use cases, use that instead of the standard lib equivalent.” BanGuard lets teams enforce that rule automatically.
  • “We have a linter that checks most of them as a pre‑upload hook.” – BanGuard replaces manual hooks with a unified, configurable system.
  • The tool sparks discussion on how to balance legacy and modern code, and can be used as a teaching aid for new hires.

SafeContainers

Summary

  • A drop‑in replacement library for std containers that prioritizes safety, performance, and ABI stability for legacy systems.
  • Offers intrusive lists, robin‑hood hash maps, and flat maps with a std‑like API.

Details

Key Value
Target Audience Large codebases with custom containers (e.g., Chromium, embedded firmware).
Core Feature Provides safe_vector, safe_map, intrusive_list, etc., with optional compile‑time flags to toggle between std and safe variants.
Tech Stack C++20, Boost.Hana for compile‑time checks, optional Rust FFI for performance‑critical parts.
Difficulty High
Monetization Revenue‑ready: open‑source core + commercial support contracts.

Notes

  • “We have our own containers that date back to before the STL was even stable.” SafeContainers gives a modern, well‑tested alternative without breaking ABI.
  • “The STL makes you pay for ABI stability no matter if you want it or not.” SafeContainers can be compiled as a static library, preserving ABI across compiler upgrades.
  • The library invites discussion on container design trade‑offs and can be used as a benchmark for performance in legacy systems.

ChronoMigrator

Summary

  • An automated migration assistant that converts legacy date/time types to std::chrono, preserving semantics and generating unit tests.
  • Handles edge cases like time zones, DST, and custom epoch offsets.

Details

Key Value
Target Audience Teams maintaining old C++ codebases with custom date/time structs.
Core Feature AST‑based refactoring, diff generation, test harness generation, and rollback support.
Tech Stack Clang LibTooling, Python, Google Test, CI integration.
Difficulty Medium
Monetization Hobby (open‑source) with optional paid consulting.

Notes

  • “Migrating our date/time stuff to <chrono> seemed like one of those.” ChronoMigrator automates the tedious part, reducing human error.
  • “We have something in‑house designed for our use cases, use that instead of the standard lib equivalent.” The tool can optionally keep a wrapper layer, easing gradual migration.
  • The project can spark debate on the practicality of modernizing legacy code versus maintaining custom solutions.

Char8Validator

Summary

  • A compile‑time and runtime checker that ensures correct usage of char8_t and UTF‑8 string literals across a codebase.
  • Detects accidental mixing of char8_t with char*, warns about non‑8‑bit platforms, and suggests replacements.

Details

Key Value
Target Audience C++ developers working on cross‑platform or embedded projects where char8_t support is inconsistent.
Core Feature Clang plugin that flags char8_t usage, provides diagnostics, and offers automated refactoring to std::string or std::u8string.
Tech Stack Clang, CMake, Python for post‑processing, optional VSCode extension.
Difficulty Low
Monetization Hobby (open‑source).

Notes

  • “char8_t is probably one of the most baffling blunders of the standards committee.” This tool turns that confusion into actionable warnings.
  • “We have to support non‑8‑bit platforms.” The validator can detect CHAR_BIT != 8 and alert developers before runtime surprises.
  • By making char8_t usage explicit, the project encourages safer Unicode handling and can be a talking point in code reviews.

Read Later