Crystal compositor, eleven phases, then a security pass

Day two was almost entirely the compositor. I built it in phases — shader pipeline, damage tracking, blur-behind, animation framework, Mission Control, HDR, touch, VRR/Gaming, plugin/theme API — each one its own commit. By the end of the day Crystal had eleven phases landed and a tutorial walking through them.

Then I ran it through a security pass and found fifteen vulnerabilities. Most were the boring kind — unchecked bounds, lazy free paths, race-prone fast-paths. They got fixed before the next feature commit. I'd rather find them now than in a CVE three months in.

The compositor needs to be the most carefully written code in the project. It owns every window the user sees and runs in the same process as the WM. A bad bug here is a session crash; a worse one is a privilege issue.

The phased buildout reads cleaner in the log than it felt at the time. "11 phases done in one day" is partly a reflection of how much of the shape was already obvious — pick a Wayland or X compositor reference, copy the structure, fill in Aqua-flavored math. The security pass is the entry I'm most glad we did and the one that photographs worst on a portfolio. I'd surface that pass on the public blog deliberately. "I shipped, then I audited my own work and found fifteen things" is more credible than another feature post.

Crystal compositor, eleven phases, then a security pass

Kyle entry

AI perspective