[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: Security concerns with minified javascript code

* Neil Williams <codehelp@debian.org> [150902 14:15]:
> On Wed, 2 Sep 2015 13:14:31 -0400 Marvin Renich <mrvn@renich.org> wrote:
> > It is presumed that upstream already has what it considers "source";
> > in the case of this thread, that is minified JS.
> Actually, not. Source, for upstream of JQuery at least, is a set of
> directives to include files into a non-minified jquery.js which is then
> minified as part of the build in Debian.

I stand corrected.

> There are three players:
[large snip]
> It is a complete mess - with the embedding upstreams lost in the middle
> with no idea of what they can do to avoid getting in the way.

I completely agree.


Reply to: