Python

Rationale

Python  is Fluid Attacks’ main back-end programming language.

The main reasons why we chose it over other alternatives are:

• It is open source .
• It is a high-level programming language that is fairly easy to understand when compared to others.
• It has a big community that supports thousands of libraries, making it very flexible.
• It has a big market, allowing us to easily find developers who have worked with it previously.
• It partially supports static typing  (as an extension rather than built-in), which helps with maintainability, clarity and debugging.
• It is an interpreted language , meaning that it does not require compilation before execution, which helps save time.

Alternatives

The following languages are being considered:

Go

• It is open source.
• It has a slightly more complex syntax than Python.
• Being a modern programming language, its community is still growing and is not as big as Python’s.
• It has a growing market, with more and more companies and developers embracing it.
• Due to its spike in popularity, it feels like the Python of the future.
• It is a compiled language , meaning that it requires spending extra time on compilation, but also increases source code quality by validating many things that interpreted languages like Python do not.
• It is much better than Python in terms of dependency management and setting up environments.
• It supports self-contained binaries, which allows for easy distribution of applications for any platform.
• It has built-in async support, ideal for intensive I/O applications.
• It has an acceptable multi-processing support, ideal for CPU-intensive applications.

Go  looks like a very solid alternative for pretty much everything that is currently built in Python, as it provides a middle ground between modernity, accessibility and achieving high-quality software.

TypeScript

• It is open source.
• It has a slightly more complex syntax than Python.
• Like Python, it has a big community, which makes it very flexible.
• It also has a big market, so finding developers is not a problem.
• Its static typing support is much better than Python’s.
• It is also an interpreted language, meaning that compilation is not necessary.
• It is much better than Python in terms of dependency management and setting up environments.
• It has built-in async support, ideal for intensive I/O applications.
• It is our second most-used language, meaning that migrating components to TypeScript would reduce the number of languages we support (less complexity) and also decrease cognitive load on developers.

TypeScript  looks like a very solid alternative for non-CPU-intensive components like:

• Integrates Back
• Forces
• Observes ETLs
• Melts

Rust

• It is open source.
• It has a much more complex syntax than Python.
• Being a modern programming language, its community is still growing and is not as big as Python’s.
• It has a small market, so finding experienced developers is way harder.
• It is one of the most reliable programming languages right now. It is memory-safe, has very powerful static typing, and allows writing highly maintainable and reliable applications in the long term.
• It is a compiled language, meaning that it requires spending extra time on compilation, but also increases source code quality by validating many things that interpreted languages like Python do not.
• It is much better than Python in terms of dependency management and setting up environments.
• It supports self-contained binaries, which allows for easy distribution of applications for any platform.
• It is one of the fastest programming languages on the market.

Rust  looks like a very solid alternative for CPU-intensive applications like:

• Skims
• Sorts

Usage

Python is used by:

• Integrates Back
• Skims
• Sorts
• Forces
• Observes ETLs
• Melts