[zerovox]

This doesn't seem wildly unreasonable to me. If it allows them to perform a better review and check for malicious code before approving it, I'm all for it.

Perhaps Opera can perform the minification after reviewing the code and achieve the performance gains while still being able to prevent malicious code entering the store.

[rogerbinns]

I'm sure malicious code can be hidden in plain site anyway. Automated tools or human eyeballs won't spot it. For example here is the underhanded C contest demonstrating the principle with C http://underhanded.xcott.com/ (static analysis won't be possible on most JS code)

The only way to be sure is to implement a (bug free) sandbox that the code runs in, as then it won't matter what the code does.

[adrianN]

I guess you don't lock your front door because lock picking is straightforward?

While it is not possible to spot all malicious code by inspection, minification certainly makes the job much harder.

[rogerbinns]

They will only be able to catch the incompetent bad guys via inspection. Those are not the ones to worry about.

[willvarfar]

Yeah I wonder when the winners will be announced for this year's contest?

[tagawa]

Agreed. In the end he calls on Opera to "open the store up" but that has little to do with requiring non-minified code. Seems like he's just upset his extension go rejected.