the tech debt risk in this case is mostly in the cleanup phase, not the port itself. non-idiomatic Rust that came from C++ tends to have a lot of raw pointer patterns and manual lifetime management that works fine but hides implicit ownership assumptions. when you go to make it idiomatic, the borrow checker forces those assumptions to be explicit, and sometimes you discover the original structure doesn't compose well with Rust's aliasing rules. servo went through this. the upside is you catch real latent bugs in the process.

It depends. I migrated a 20k loc c++ project to rust via AI recently and I would say it did so pretty well. There is no unsafe or raw pointer usage. It did add Rc<RefCell in a bunch of places to make things happy, but that ultimately caught some real bugs in the original code. Refactoring it to avoid shared memory (and the need for Rc<RefCell<>> wasn't very difficult, but keeping the code structure identical at first allowed us to continue to work on the c++ code while the rust port was ongoing and keep the rust port aligned without needing to implement the features twice.

I would say modern c++ written by someone already familiar with rust will probably be structured in a way that's extremely easy to port because you end up modeling the borrow checker in your brain.

Yes, I just translated a Rust library from non-idiomatic and unsafe Rust to idiomatic and safe Rust and it was as much work as if I had rewritten it from scratch.

This is what I was trying to highlight in my post.

I don't think they were having problems with C++, they moved to Rust for memory safety. Mind that they migrated LibJS, their JavaScript library.

Andreas Kling mentioned many times they would prefer a safer language, specifically for their js runtime garbage collector. But since the team were already comfortable with cpp that was the choice, but they were open and active seeking alternatives.

The problem was strictly how cpp is perceived as an unsafe language, and this problem rust does solve! Not being sarcastic, this truly looks like a mature take. Like, we don't know if moving to rust would improve quality or prevent vulnerabilities, here's our best effort to find out and ignore if the claim has merits for now. If the claim maintains, well, you're better prepared, if it doesn't, but the code holds similar qualities...what is the downside?