[egberts1]

Now it is the battle of keeping the zillions of JavaScript packages vs PHP packages up … to … date.

I think WASM may have bigger problems with external vulnerability assessment team identifying those modules by version that got broken.

[wazzaps]

WASM is the wrong level of the software stack to check for outdated versions, that's the host language's package manager's job.

[egberts1]

Wrong? There isn’t a right or wrong about this.

It is often the job of vulnerability assessment team to get down to the root of the misbehaving components, WASM or not.

[candiodari]

Yes there is. Fixing WASM for anything but VM holes is like changing your CPU because your Login screen accepts "password" as valid for every user name.

[egberts1]

Until you encounter a misbehavin’ module.

[_joel]

I don't think they're different issues in terms of solution, important, of course.