Sources

The other biggest worries were that Rust may become too complex (41.6% in 2025 versus 45.2% in 2024) and that the developers and maintainers of Rust are not properly supported (38.4% in 2025 versus 35.4% in 2024). The survey also asked developers which aspects of Rust present non-trivial problems to their programming productivity. Here slow compilation led the way, with 27.9% of developers saying slow compilation was a big problem and 54.68% saying that compilation could be improved but did not limit them. High disk space usage and a subpar debugging experience were also top complaints, with 22.24% and 19.90% of developers citing them as big problems. … - 91.7% of respondents reported using Rust in 2025, down from 92.5% in 2024. ... - Generic const expressions was the leading unimplemented or nightly-only feature that respondents in 2025 were looking to see stabilized, with 18.35% saying the feature would unblock their use case and 41.53% saying it would improve their code.

Our interviews with 70+ developers across all experience levels tell a different story. While beginners struggle with ownership concepts, experts face domain-specific challenges—async complexity for network developers, certification gaps for safety-critical teams, ecosystem maturity issues for embedded developers. Even more concerning, we discovered evidence of "silent attrition"—developers who quietly abandon Rust not because they can't learn it, but because the accumulated friction makes them less productive than they'd like to be. … ### Compilation performance: the universal productivity tax **Every single cohort** we analyzed—from novices to experts, from embedded developers to web developers—cited compilation times as a significant barrier to productivity: > "Java takes about 100 milliseconds, Rust anywhere from 5 seconds to a minute depending on what you changed" -- Distinguished engineer working on backend systems at a large company > "8 to 10s iteration cycle... when you want to tweak the padding on a box" -- GUI development team The impact varies by domain, but the pattern is consistent. CLI tool and GUI developers, who need rapid iteration cycles, are hit hardest. Safety-critical developers with 25-30 minute build times face workflow disruption. Size-constrained embedded developers are forced into optimized builds that take longer to compile and complicate debugging. What's particularly important to note, is that this isn't just about absolute build times; it's about the **development velocity tax** that compounds over time. Long compile times can have strong negative impact on code iteration time. Anything that can reduce this code iteration time - hot reloading, fast debug builds, faster linking - will have an outsized impact on development velocity. Moreover, the compilation performance tax compounds at scale. Individual developers might tolerate 5-10 second builds, but teams with CI/CD pipelines, large codebases, and frequent iterations face exponentially worse impacts. One participant noted 25-30 minute builds that create "wait for 30 minutes before the tool finds out I made a mistake" cycles. ### The borrow checker: first it's sour, then it's sweet The borrow checker is often touted as a "beginner problem", and we found that this is largely true: Novices are most strongly impacted by the borrow checker, but this often extends even into the stage where a developer is *comfortable* writing Rust where they *still* get tripped by the borrow checker sometimes. However, highly-experienced Rust developers basically never cite the borrow checker itself as a frustration for them. > Ownership: The first time I went through the chapter, I was really like, what is this? - Developer learning Rust as a first language > I actually did not understand the borrow checker until I spent a lot of time writing Rust - Executive at a developer tools company ### Async complexity: the "Three Horsemen" problem Multiple participants identified `async` as a pain point. Many people, not just beginners, often choose to completely avoid it, instead focusing on solely on sync Rust. This is because, for many, `async` Rust feels completely different. > My biggest complaint with Rust is async. If we want to use [a tool], we're forced into that model...not just a different language, but a different programming model... … ## How challenges amplify differently across domains While the core challenges are universal, different domains have unique challenges that ultimately must be either adoption blockers or acceptable trade-offs. ### Embedded systems: where every constraint matters Embedded developers face the most constrained environment for resources, which can amplify other challenges like learning. > "if you pull in a crate, you pull in a lot of things and you have no control" -- Embedded systems researcher > "can't use standard collections like hashmaps" -- Embedded software engineer Debug builds become too large for small controllers, forcing developers into optimized builds that complicate debugging. … ### Safety-critical systems: stability vs. innovation tension Safety-critical developers need Rust's memory safety guarantees, but face unique challenges around certification and tooling: > "we don't have the same tools we have to measure its safety criticality as we do in C++ and I think it's a worry point" -- Safety systems engineer > "not a lot of people know Rust not a lot of managers actually trust that this is a technology that's here to stay" -- Safety-critical developer on organizational barriers The tension between Rust's rapid evolution and safety-critical requirements for stability creates adoption barriers even when the technical benefits are clear. … ### GUI development: compile times inhibit iteration speed GUI developers need rapid visual feedback, making compilation times particularly painful: > We've got a UI framework that's just Rust code so when you want to tweak the padding on a box ... it's a pain that we just kind of accept a 10 seconds or more iteration cycle. -- Developer … ## Conclusion (not done yet) Rust's challenges are more nuanced than the conventional "steep learning curve" narrative suggests. They're persistent, evolving, and domain-specific. Most importantly, they compound in ways that can create silent attrition even among developers who successfully learn the language. Understanding these patterns is crucial for Rust's continued growth.

While it is great to see some developers being happy with the state we have today, it is clear that many people are not so lucky, and Rust's build performance limits their productivity. Around 45% respondents who answered that they are no longer using Rust said that at least one of the reasons why they stopped were long compile times. … ## Important workflows ... Waiting too long for an incremental rebuild after making a small source code change was by far the most common complaint in the open answers that we received, and it was also the most common problem that respondents said they struggle with. Based on our respondents' answers, this comes down to three main bottlenecks: … **The linking phase is too slow.** This was a very common complaint, and it is indeed a real issue, because unlike the rest of the compilation process, linking is always performed "from scratch". The Rust compiler usually delegates linking to an external/system linker, so its performance is not completely within our hands. However, we are attempting to switch to faster linkers by default. … - **Incremental rebuild of a single crate is too slow.** The performance of this workflow depends on the cleverness of the incremental engine of the Rust compiler. While it is already very sophisticated, there are some parts of the compilation process that are not incremental yet or that are not cached in an optimal way. For example, expansion of derive proc macros is not currently cached, although work is underway to change that. ... To gauge how long is the typical rebuild latency, we asked our respondents to pick a single Rust project that they work on and which causes them to struggle with build times the most, and tell us how long they have to wait for it to be rebuilt after making a code change. [PNG] [SVG] Even though many developers do not actually experience this latency after each code change, as they consume results of type checking or inline annotations in their code editor, the fact that 55% of respondents have to wait more than ten seconds for a rebuild is far from ideal. … ### Clean and CI builds Around 20% of participants responded that clean builds are a significant blocker for them. In order to improve their performance, you can try a recently introduced experimental Cargo and compiler option called `hint-mostly-unused`, which can in certain situations help improve the performance of clean builds, particularly if your dependencies contain a lot of code that might not actually be used by your crate(s). One area where clean builds might happen often is Continuous Integration (CI). 1495 respondents said that they use CI to build Rust code, and around 25% of them consider its performance to be a big blocker for them. However, almost 36% of respondents who consider CI build performance to be a big issue said that they do not use any caching in CI, which we found surprising. … ## Understanding why builds are slow When Rust developers experience slow builds, it can be challenging to identify where exactly is the compilation process spending time, and what could be the bottleneck. It seems that only very few Rust developers leverage tools for profiling their builds:

- Rust’s learning curve remains a barrier. Among the 358 respondents who don’t use Rust, 22 % called Rust “too difficult to learn,” with word-clouds full of “syntax,” “confusing,” and even “toxic.” - Compile times and disk usage remain major complaints: 17% say slow compilation is a serious problem, and 34% say it could be significantly better.

I’m talking about problems such as: - **Schema duplication** - **Server/client data mismatch** - **Superfluous database calls** - **Poor performance** - **Boilerplate overdose** I’m willing to bet your app suffers from at least one of them. Good news is, none of them are incurable! … ### Problem: Schema Duplication One of the first things you realize when coding a GraphQL back-end from scratch is that it involves a lot of similar-but-not-quite-identical code, especially when it comes to schemas. Namely, you need one schema for your database, and another one for your GraphQL endpoint. Not only is it frustrating to have to write more or less the same thing twice, but you now have two independent sources of truths that you need to constantly keep in sync. … ### Problem: Server/Client Data Mismatch As we’ve just seen, your database and GraphQL API will have different schemas, which translate into different document shapes. So while a `post` fresh out of the database will have a `userId` property, the same `post` as fetched through your API will instead have a `user` property. This means that getting a post author’s name on the client will look like: … This can be a problem anytime you’re trying to share code between client and server to simplify your codebase. And even beyond that, it means you’re missing out on GraphQL’s great approach to data querying on the server. I recently felt that pain when trying to build a system to generate weekly newsletters: each newsletter was composed of multiple posts and comments, along with info about their authors; in other words, a perfect use case for GraphQL. But this newsletter generation was happening on the *server*, meaning I didn’t have a way to query my GraphQL endpoint…But what about GraphQL? Assuming our posts have a `user` field with its own resolver, we still have one initial database call to get the list of posts. But we now have an extra call to fetch each user *per resolver*, for a total of **11** database calls! Now imagine that each post also has 5 comments, each of which has an author. Our number of calls has now ballooned to: … ### Problem: Poor Performance Even with Dataloader enabled, complex views can still trigger multiple database calls, which in turn can make for slow loading times. This can be frustrating: on one hand you want to take full advantage of GraphQL’s graph traversal features (“show me the authors of the comments of the author of the post of…” etc.). But on the other hand, you don’t want your app to become slow and unresponsive. … ### Problem: Boilerplate Overdose This is by no means an issue exclusive to GraphQL apps, but it’s true that they generally require you to write a lot of similar boilerplate code. Typically, adding a new model (e.g. `Comments`) to your app will involve the following steps:

GraphQL is a great tool for developers overall, but of course there are a few pain points you might deal with during the development process. In this article, we'll break down some of the biggest pain points you might experience using GraphQL tools. Right off the bat, if you're developing an API that is super simple and doesn't need any complex functionality, then GraphQL tools might not be the best choice for you. Instead, it might make things more complicated than they need to be. You'll be better off sticking to the typical REST API tools. However, if you need something a bit more complex, then GraphQL will be perfect for what you need and it'll help you create a great API. Of course, making a simple API with GraphQL isn't impossible, just inconvenient. The following pain points, however, are super difficult to deal with and if you need these functionalities, GraphQL might not be your solution. GraphQL returns responses in the shape of the query, so if you need a specific structure, you'll have to program a transformation to make it return that way. GraphQL doesn't have infinite depth capabilities, so pagination will be necessary. Other pain points don't pose nearly impossible barriers, but they can still cause difficulties. Things like network level caching and file upload handling. Though it isn't impossible to find solutions for these issues, it will still add some time to development. All in all, GraphQL tools are exceedingly useful in a wide variety of API contexts, so whether or not you should use it just depends on your needs.

### Complexity of Query Design One of the primary challenges faced by GraphQL developers is the complexity of query design. Unlike traditional RESTful APIs, which have predefined endpoints for specific data objects, GraphQL allows clients to specify exactly what data they need in a single query. While this flexibility is one of the key advantages of GraphQL, it also introduces complexity in terms of query design. … ### Schema Stitching and Composition Another common challenge faced by GraphQL developers is schema stitching and composition. In a typical GraphQL application, data is fetched from multiple sources, each with its own schema definition. Schema stitching involves combining these schemas into a single, coherent schema that can be queried by clients. Schema stitching can be a complex and time-consuming process, especially in applications with a large number of data sources. Developers must carefully map data relationships between schemas and ensure that the final stitched schema is consistent and well-structured. … ### Understanding the Challenges One of the main challenges faced by GraphQL web developers is performance optimization. GraphQL allows clients to request only the data they need, which can be a huge advantage in terms of reducing the amount of data transferred over the network. However, if not optimized correctly, this can lead to performance issues such as slow response times and increased server load. Another challenge is the complexity of GraphQL queries. With GraphQL, clients can request data from multiple sources in a single query, which can make it difficult to optimize performance. Developers need to carefully design their schemas and queries to ensure they are efficient and performant. … ### Data Fetching Challenges One of the key advantages of GraphQL is its ability to allow clients to request only the data they need, reducing over-fetching and under-fetching of data. However, this flexibility can also pose challenges for developers, especially when dealing with complex data structures. One common challenge faced by GraphQL developers is managing the complexity of data fetching queries. As applications grow in size and complexity, the number of queries needed to fetch all the required data can increase significantly. This can lead to performance issues, as each query requires a separate network round-trip to the server. … ## Comments (37) GraphQL can be a powerful tool for web developers, but it definitely comes with its fair share of challenges. One common issue is dealing with overly complex queries. Sometimes you end up with nested queries within nested queries, making it difficult to keep track of what data you're actually fetching.<code> query { user { posts { comments { user { posts { comments { // You get the idea... } } } } } } } </code> Another challenge is cache management. With traditional REST APIs, caching can be straightforward, but with GraphQL, it's a bit trickier to know when to refetch data and when to rely on the cache. Schema stitching can also be a headache. If you're working with multiple schemas from various services, stitching them together smoothly can be quite the task. And don't even get me started on testing. Writing tests for GraphQL queries and mutations can be a nightmare, especially when you have to mock out all the different data scenarios. Overall, GraphQL definitely has its benefits, but it's important to be aware of the challenges that come with it. One of the biggest challenges with GraphQL development is managing the schema. As your application grows, keeping track of all the types, queries, and mutations can get pretty messy. It's crucial to regularly review and update your schema to ensure everything aligns correctly. Mutation management is another tricky area. With GraphQL, mutations are used to make changes to your data, but it can be tough to handle the complexity of mutations that involve multiple entities and relationships. … But perhaps the biggest challenge of all is debugging. When something goes wrong with a GraphQL query, trying to track down the issue can feel like searching for a needle in a haystack. It's important to have solid logging and error tracking in place to make your life easier. And what about query complexity? How do you prevent users from running overly complex queries that could potentially bring down your server? Are there any best practices you follow to limit query depth or complexity? ... Alright, let's dive into some of the common challenges faced by GraphQL developers. One issue that often comes up is handling file uploads. Unlike with REST APIs, file uploads in GraphQL can be a bit trickier, requiring special handling on the server side. Then there's the challenge of data validation. With GraphQL, you have to define your own validation rules for incoming data, which can be a lot of extra work compared to some other frameworks that handle validation automatically. … It's all too easy to accidentally create queries that are too deep or too complex, leading to performance issues and potential bottlenecks in your application. And don't even get me started on caching. Managing the cache in a GraphQL environment can be a real headache, especially if you're working with data that changes frequently or unpredictably.

Another key aspect is the Schema Definition Language (SDL). This schema describes the types of data available and their relationships. It acts as a contract between the client and server, ensuring that both parties understand the data structure. Strong typing helps catch errors early, reducing the chances of runtime issues. However, with great power comes great responsibility. GraphQL's flexibility can lead to complex queries that may overwhelm servers. Developers must understand how their queries will be executed to avoid performance pitfalls. This complexity can be daunting, especially for newcomers. It’s like navigating a labyrinth; one wrong turn can lead to a dead end. … Despite its advantages, GraphQL is not without its drawbacks. The learning curve can be steep, especially for those accustomed to REST. Developers may find themselves grappling with the intricacies of crafting efficient queries. Moreover, the potential for over-fetching or under-fetching data remains a concern. It’s a balancing act, requiring careful consideration of how data is structured and accessed. … Another key aspect is the Schema Definition Language (SDL). ... GraphQL's flexibility can lead to complex queries that may overwhelm servers. Developers must understand how their queries will be executed to avoid performance pitfalls. This complexity can be daunting, especially for newcomers. It’s like navigating a labyrinth; one wrong turn can lead to a dead end. … Despite its advantages, GraphQL is not without its drawbacks. The learning curve can be steep, especially for those accustomed to REST. Developers may find themselves grappling with the intricacies of crafting efficient queries. Moreover, the potential for over-fetching or under-fetching data remains a concern. It’s a balancing act, requiring careful consideration of how data is structured and accessed.

### Cons GraphQL can be harder to set up; its other disadvantages are below. - **Complexity in Caching**: Traditional caching mechanisms, like HTTP caching, are not as effective with GraphQL because of its dynamic queries. It often requires custom strategies like persisted queries and Apollo Client caching. - **Increased Server Load**: Due to the complexity of GraphQL queries, server performance can sometimes suffer. It’s essential to implement rate limiting and query depth control to avoid overload. - **Learning Curve**: Developers need to familiarize themselves with schema definitions, resolvers, and query structures, making it more challenging to learn than REST APIs. Debugging can also be more complex. - **Security Risks**: There’s the potential for clients to send expensive or deeply nested queries, risking denial-of-service (DoS) attacks. Proper query validation and authorization are crucial.

An opposite (but equally inefficient) problem is under-fetching. This is when the API call doesn’t fetch enough information, so it has to make one or more additional round trips to enrich its data and build the required data model. That’s a lot of wasted bandwidth and resources, not to mention added latency. Plus a lot of complexity for consumers who want to integrate with the API product. … ## OpenTelemetry and GraphQL performance issues There are plenty of use cases for GraphQL, as well as plenty of challenges. One added complexity is that each client can have a different performance profile on their per query basis, depending on how complex the query is. So, while one client could experience amazing performance, another could be facing performance problems. There’s also the N+1 challenge – a commonly recognised problem, where GraphQL’s execution of a separate resolver for each field in a query results in N+1 round trips to the database. OpenTelemetry can help. You can use it to detect N+1 queries. ... That way, you can be aware of these kinds of expensive queries much faster. Other issues that can affect GraphQL performance include cyclic queries (a potential vulnerability for GraphQL APIs, as they can be used for denial-of-service attacks) and very expensive queries (those with both greater depth in terms of nesting levels and with higher complexity). While OpenTelemetry can help with some of these issues, it’s not quite there yet with others – which is why Tyk is adding its voice to OpenTelemetry community discussions.

This quickly becomes burdensome when you add new resources to the application; however, this same burden is also a feature. The application is self-documenting and it's easy to understand the entrypoints into an application that's being exposed via HTTP/HTTPS. In a large, complex GraphQL applicaton tracking down how clients query the API requires more energy than you would like. There's a lot of engineering discipline required to keep your GraphQL API from turning itself into a REST-like API as a product changes. In the first GraphQL query above, … There are many cases where you might already have a piece of data available from a database query and you would like to "return early," as we've done here but GraphQL makes your pay a tax of sorts for the flexibility it offers. This tax, in large code bases, can grow and become cumbersome. The non-linear nature of dealing with graphs has left me wanting some sort of GUI representation of the graph that lights up as a request moves through each resolver. Was REST so bad that we need to make understanding how our requests are routed more difficult?

In the 2022 state of GraphQL study, we uncovered that Security is one of the top pain points developers face when using GraphQL. The number one pain point being error handling has caused many GraphQL APIs to leak sensitive information. Analyzing error messages is actually how our tool Graphw00f allows hackers to fingerprint your GraphQL APIs and uncover vulnerabilities.