- Tcl is immune to many "format string vulnerabilities"
- Tcl programs are immune to buffer overflows (as long as the Tcl interpreter is; DStrings help a lot)
- No Y2K bug
- Fully integrated Unicode, where most other languages need special syntax and still have problems handling UTF-8 strings.
- Tcl can be compiled with Threads. AOLServer has been multithreaded long before Apache/PHP.
- Backwards-compatibility: Tcl provides the best effort in this dimension.
- Safe interps makes it possible to run user-defined scripts without fearing an attack.
- You do not have to check nils as in Java, Python, Lua...
- It is easy to manage Tcl packages. With starkits and starpacks, deployment is easy. You would not ask yourself a long time what package is outdated or missing to make work your application.
- Prowrap and ActiveState tools can encrypt the sources.
- Although there is no official debugger, interactive debugging in GUI mode is terrific. Just embed tkcon in your project and you have a full control on your application under your fingertips.
- There is a huge testing work that has been done on the Tcl interpreter, as well as the Tk toolkit. Tcl has been ported to a wide range of existing systems. Tk is one of the most well-tested GUI toolkits.
About safe interps: it is a feature missing in almost every other language (Java has a similar functionality, but with such complexity that I cannot even think of it).About Unicode: Tcl currently (summer 2007) only supports the Basic Multilingual Plane of Unicode (16-bit character codes, as up to version 2.1 of the standard), but this is mostly an internal implementation detail, and neither Tcl scripts nor compiled extensions should need to be changed when full support gets implemented.
[ Tcl Marketing | Category Security ]