Re: Security concerns with minified javascript code

To: debian-devel@lists.debian.org
Subject: Re: Security concerns with minified javascript code
From: Vincent Bernat <bernat@debian.org>
Date: Fri, 28 Aug 2015 10:48:28 +0200
Message-id: <[🔎] 87a8tber37.fsf@zoro.exoscale.ch>
Mail-followup-to: debian-devel@lists.debian.org
In-reply-to: <[🔎] 20150828082914.GR2641@var.home> (Samuel Thibault's message of "Fri, 28 Aug 2015 10:29:14 +0200")
References: <[🔎] 20150828082914.GR2641@var.home>

 ❦ 28 août 2015 10:29 +0200, Samuel Thibault <sthibault@debian.org> :

>> What will happen is that maintainers will fallback to the second less
>> horrible solution and cripple the package (by using an older version of
>> the JS lib for example) to allow it to stay in main.
>
> Why would they want to stay in main?

[...]

> I had the same issue with loadlin: it could only be built on MS-DOS with
> the proprietary tasm, and thus got #356055. I thus extended the free
> yasm to recognized the tasm syntax, and patched loadlin a bit to remove
> some extensions which were hard to implement in yasm but easy to replace
> in loadlin.
>
> Then it could stay in main.

Here is why.
-- 
Choose variable names that won't be confused.
            - The Elements of Programming Style (Kernighan & Plauger)

Attachment: signature.asc
Description: PGP signature

Reply to:

Follow-Ups:
- Re: Security concerns with minified javascript code
  - From: Samuel Thibault <sthibault@debian.org>

References:
- Re: Security concerns with minified javascript code
  - From: Samuel Thibault <sthibault@debian.org>

Prev by Date: Re: Security concerns with minified javascript code
Next by Date: Re: Security concerns with minified javascript code
Previous by thread: Re: Security concerns with minified javascript code
Next by thread: Re: Security concerns with minified javascript code
Index(es):
- Date
- Thread