[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: Security concerns with minified javascript code

Dmitry Smirnov <onlyjob@debian.org> writes:

> On Monday 24 August 2015 13:54:21 Simon Josefsson wrote:
>> I believe the blog post below has relevance to Debian's stance on
>> including minified JavaScript in packages:
>> https://zyan.scripts.mit.edu/blog/backdooring-js/
> Thank you for a nice argument against minification.
> During packaging I already had to articulate some reasons against 
> minification to several upstreams so I've decided to write a quick summary of 
> my reasons against minification in wiki:
>     https://wiki.debian.org/onlyjob/no-minification
> Once improved, I hope this summary might be considered for inclusion into 
> UpstreamGuide or to be used as a reference for discouraging such practice.

Nice writeup, thank you!


Attachment: signature.asc
Description: PGP signature

Reply to: