A better future for JavaScript that won't happen


In the wake of the largest supply-chain attack in history, the JavaScript community could have a moment of reckoning and decide: never again. As the panic and shame subside, after compromised developers finish re-provisioning their workstations and rotating their keys, the ecosystem might re-orient itself towards solving the fundamental flaws that allowed this to happen.

This could be combined with a consolidation of efforts, merging micro-libraries into larger packages with a more coherent and holistic scope and purpose, which prune their own dependency trees in turn. Expect symbolic gestures – mandatory 2FA will be rolled out in more places, certainly, and the big players will write off meager donations in the name of “OSS security and resilience” in their marketing budgets.
