The D programming language is designed to be conducive to hybrid programming so that C/C++ code can be gradually converted to safer D code as resources permit.
The D compiler itself started out as "C with Classes" and was gradually converted to D, all the while keeping the compiler fully functional. It's now all in D.
I'd be super happy if there was a focus on partial migrations to Rust. I've last tried a while back (2 years?), and it's absolutely possible, but the build systems banging their heads into each other was a major hurdle. For a large C/C++ codebase, I guess avoiding Cargo altogether might be the best way to go - the more so the smaller the pieces being migrated are.
I've seen the pain you've mentioned. The way you can make it work is to basically make a single Rust crate that does nothing but link all of your Rust dependencies into a single library that you can then add to your build system:
I recently started a project to demonstrate cross-language building between Rust and C. Started with CMake using the Corrosion module, I plan to add examples for more styles (CMake with ExternalProject at least, probably also Bazel, Meson, Makefiles, and others). Very WIP at the moment, I haven't even tested it on Windows and don't have a Mac. I don't have that much time to dedicate to this though.
The problem with this is it encourages increased fragmentation of systems just to address a single class of security bug. This could actually increase the number of bugs, and thus security bugs.
> For example, if you are working entirely in the kernel, all your code runs at the same level of privilege so you can’t use that as a filter.
The D compiler itself started out as "C with Classes" and was gradually converted to D, all the while keeping the compiler fully functional. It's now all in D.