[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: Minified javascript files

Pau Garcia i Quiles <pgquiles@elpauer.org> writes:

> On Sun, Aug 19, 2012 at 8:10 PM, Simon Josefsson <simon@josefsson.org> wrote:
>>> As for
>>> verification, having the source next to the minified version does not
>>> guarantee anything about the minified version, all the more that we
>>> don't have currently in Debian Wheezy a reliable minifier.
>> That seems problematic -- so even if the source is shipped, there is no
>> way to re-build the minified file?
> It really depends on using exactly the same version of the same
> minifier with exactly the same parameters (which you may not know) and
> even then you cannot be sure, e. g. a minifier may use generate
> shortened variable names randomly.

I believe differences like that are not important, compare how gcc
generate different binaries each time depending on parameters etc.
However, if a minified file is shipped that cannot be re-created at all
(due to no minifier) I don't think shipping source for the file is the
only problem.  Both source code and the tools needed to generate output
forms is needed for users to be able to use a modified version of the


Reply to: