Mastodawn

Hey @drott in your article about removing #xslt from Chrome (https://developer.chrome.com/docs/web-platform/deprecating-xslt). Just wondering why you didn't take the same approach to XSLT that you did for #XML and libxml, e.g. replace libxslt with something more modern (e.g. Saxon-C)?

Removing XSLT for a more secure browser | Web Platform | Chrome for Developers

Prepare for Chrome deprecating and removing XSLT from the browser.

Chrome for Developers

Show thread

Dominik Röttsches

@adamretter Our focus is improving security. Saxon/C, which AFAIU is produced by transpiling Java to native using GraalVM, would give us native code but lacks the security guarantees of a memory safe language. Also, we are not able to include the complexity of a subset of a native-compiled Java VM into Chromium.
We found existing Rust alternatives to to not be a straightforward replacement. And, as in the post, we do want to focus on securing and improving the features that power the web.

Show thread

Colby Russell Nov 5

@drott imagine if a billion dollar organization like Google could take responsibility for their implementation instead of simultaneously trying to plunder the commons on the basis that, because there's already an implementation available that ostensibly works, no in-house development is necessary, followed by (a) taking the position that using it, in fact, *doesn't* work, and (b) refusing to pay for the necessary development and maintenance.

cc @adamretter