|
|
|
|
|
|
by triblondon
4235 days ago
|
|
|
I maintain the polyfill service. I'm very much aware of this issue, and we have tried to take steps to mitigate these concerns: 1. You can easily run the service yourself, just download it from the github repo 2. The hosted version is hosted by the FT and sponsored by Fastly, so you're not importing code from some random unknown entity. Those corporations practice good security awareness (in the FT's case it dramatically improved about 2 years ago), but if you don't believe us, see point 1. |
|
|
That's what you're building for the web. #1 doesn't absolve you of the culpability of promoting such a fundamentally flawed tool.