On Mon, Apr 26, 2010 at 01:34:21PM +0200, Cyril Brulebois wrote: > it was just noticed that the FTBFS on s390 I reported sounded like an > FTBFS previously dealt with in libmozjs, meaning you're embedding it > instead of just using libmozjs-dev and dropping your embedded code copy. > Given the security records on xulrunner thingies, I'm opening this at > serious severity with security tag…
Upstream is aware of this problem and is waiting for SpiderMonkey developer to provide a public API for the parser before removing the need for the embedded copy of SpiderMonkey. See the following blog comment by jscoverage author: http://blog.mozilla.com/dherman/2010/04/22/language-engineering-on-the-web/comment-page-1/#comment-3 There seems to be outgoing work for this in SpiderMonkey: https://bugzilla.mozilla.org/show_bug.cgi?id=533874 I posted to mozilla.dev.tech.js-engine (as advised by irc.mozilla.org #jsapi folks), to ask for the current status of this work. -- Johan Euphrosine (proppy) <pro...@aminche.com> Development and services around Free Software http://www.aminche.com/
signature.asc
Description: Digital signature
