On Fri, Sep 7, 2018 at 7:22 PM, Bastien ROUCARIES wrote: > Ok adding cc @security > > How will you handle security problem in static > (browserified/webpacked) javascript library ?
Same goes for the other languages that do static linking. It would be great to have this wiki page updated with some realistic strategies: https://wiki.debian.org/StaticLinking IIRC the security team recently flagged Go packages as being problematic for security support in the Debian buster release. I guess the same will apply to Rust now that Firefox switched to it? -- bye, pabs https://wiki.debian.org/PaulWise
