I don't know if packaging the JS into Debian would be enough. If I recall correctly, Discourse depends on client-side JS, so the issues are more immediate in the client-side where the client is the one more vulnerable.
There are other things that I didn't have time nor knowledge to check yet, like if Discourse has progressive enhancement. 2018-01-16T13:43:35+0100 Daniel Pocock wrote: > Thanks for all that feedback > > Would packaging the Discourse JavaScript into Debian satisfy those concerns? > > Is there enough interest in this topic to start building a wiki page > about it? _______________________________________________ Discussion mailing list [email protected] https://lists.fsfe.org/mailman/listinfo/discussion
