Hacker News new | ask | show | jobs
by array_key_first 78 days ago
Linking to a CDN is for development only. Once the app is build you build your dependencies into the app. You don't fetch them at runtime and run them. Not only for security, but also for performance.

There's also a difference between using a CDN for, say, React and a random github project hosted by some dude.
1 comments
trimethylpurine 78 days ago
Yeah I agree. Tell Microsoft. But, meanwhile this is normally used wrong in a lot of apps. It's not newsworthy that this one is also.
link