Comment by poly2it
2 months ago
Would you care to elaborate? What solution do you propose, and how would it be implemented? How would removal of JavaScript and HTTP solve the dependency malware issue being discussed?
2 months ago
Would you care to elaborate? What solution do you propose, and how would it be implemented? How would removal of JavaScript and HTTP solve the dependency malware issue being discussed?
JS execution model and semantics naturally lend themselves to these huge dependency trees with easily obfuscated code. There are wider non-language specific strategies to really nail this problem but the language isn’t helping and at the same time is causing 1,000 other problems because it was designed to validate phone numbers in a text input.
I appreciate that HTTP sounds tangential but my point is the whole stack is designed wrong for what it’s doing and we waste all of our time commenting on and fixing the 1,000 manifestations of that rather just fix the architecture. There are political reasons for that I won’t get into.