[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: Security concerns with minified javascript code

On Monday 24 August 2015 13:54:21 Simon Josefsson wrote:
> I believe the blog post below has relevance to Debian's stance on
> including minified JavaScript in packages:
> https://zyan.scripts.mit.edu/blog/backdooring-js/

Thank you for a nice argument against minification.

During packaging I already had to articulate some reasons against 
minification to several upstreams so I've decided to write a quick summary of 
my reasons against minification in wiki:


Once improved, I hope this summary might be considered for inclusion into 
UpstreamGuide or to be used as a reference for discouraging such practice.

 Dmitry Smirnov.

Attachment: signature.asc
Description: This is a digitally signed message part.

Reply to: