Re: Security concerns with minified javascript code

To: debian-devel@lists.debian.org
Cc:
Subject: Re: Security concerns with minified javascript code
From: Steve McIntyre <steve@einval.com>
Date: Tue, 25 Aug 2015 22:46:38 +0100
Message-id: <[🔎] E1ZUM3C-000858-Jd@mail.einval.com>
In-reply-to: <[🔎] 87y4gzm5qs.fsf@zoro.exoscale.ch>
References: <[🔎] 87wpwk7vgy.fsf@latte.josefsson.org> <[🔎] 20150825140451.GA991@jwilk.net> <[🔎] 87r3mro0zr.fsf@zoro.exoscale.ch> <[🔎] 3286173.kHpSARAV8N@kitterma-e6430> <[🔎] 20150825171712.2038.86835@auryn.jones.dk> <[🔎] 20150825175820.GF16029@spark.dtdns.net> <[🔎] 20150825175820.GF16029@spark.dtdns.net>

Vincent Bernat wrote:
>
>Notably, one of the tool is Grunt and its myriad of plugins. Even if
>Grunt was in Debian, we would also need Gulp, then Broccoli, because in
>Javascript, there is always someone thinking that it should be possible
>to do better. We need to leave the Javascript ecosystem mature a bit
>more but in the meantime, a bit of tolerance would be appreciated for
>the some of us needing to package some javascript bits.

Why should we be tolerating setups where it's not clear that we can
reproduce what's being shipped?

-- 
Steve McIntyre, Cambridge, UK.                                steve@einval.com
"Further comment on how I feel about IBM will appear once I've worked out
 whether they're being malicious or incompetent. Capital letters are forecast."
 Matthew Garrett, http://www.livejournal.com/users/mjg59/30675.html

Reply to:

Follow-Ups:
- Re: Security concerns with minified javascript code
  - From: Vincent Bernat <bernat@debian.org>

References:
- Security concerns with minified javascript code
  - From: Simon Josefsson <simon@josefsson.org>
- Re: Security concerns with minified javascript code
  - From: Jakub Wilk <jwilk@debian.org>
- Re: Security concerns with minified javascript code
  - From: Vincent Bernat <bernat@debian.org>
- Re: Security concerns with minified javascript code
  - From: Scott Kitterman <debian@kitterman.com>
- Re: Security concerns with minified javascript code
  - From: Jonas Smedegaard <dr@jones.dk>
- Re: Security concerns with minified javascript code
  - From: Bas Wijnen <wijnen@debian.org>
- Re: Security concerns with minified javascript code
  - From: Vincent Bernat <bernat@debian.org>

Prev by Date: Re: Security concerns with minified javascript code
Next by Date: Re: system upgrade by systemd
Previous by thread: Re: Security concerns with minified javascript code
Next by thread: Re: Security concerns with minified javascript code
Index(es):
- Date
- Thread