this post was submitted on 29 Mar 2026
358 points (97.9% liked)

Technology

83966 readers
4728 users here now

This is a most excellent place for technology news and articles.

Our Rules

  1. Follow the lemmy.world rules.
  2. Only tech related news or articles.
  3. Be excellent to each other!
  4. Mod approved content bots can post up to 10 articles per day.
  5. Threads asking for personal tech support may be deleted.
  6. Politics threads may be removed.
  7. No memes allowed as posts, OK to post as comments.
  8. Only approved bots from the list below, this includes using AI responses and summaries. To ask if your bot can be added please contact a mod.
  9. Check for duplicates before posting, duplicates may be removed
  10. Accounts 7 days and younger will have their posts automatically removed.

Approved Bots

founded 2 years ago
MODERATORS
L3s@lemmy.world
enu@lemmy.world
technopagan@lemmy.world
L4s@lemmy.world
L3s@hackingne.ws
358
RSS feeds are beginning to break once xslt support begins being dropped by browsers soon (justinjackson.ca)
submitted 3 weeks ago by confuser@lemmy.zip to c/technology@lemmy.world
55 comments fedilink hide all child comments
you are viewing a single comment's thread
view the rest of the comments
[–] floofloof@lemmy.ca 42 points 3 weeks ago* (last edited 3 weeks ago) (1 children)

From the article:

Google says it's removing XSLT to address security vulnerabilities. The underlying library that processes XSLT in Chrome (libxslt) is an aging C/C++ codebase with known memory safety issues. Chrome's team argues that because only about 0.02% of page loads use XSLT, it's not worth the maintenance burden.

It's debatable whether Google, with all its resources, really needs to do this, especially given that 0.02% of all page loads is still quite a lot. But there are certainly times when it's better to just delete seldom-used old code from your project to lower the maintenance burden and reduce the surface area for attacks.

[–] 73QjabParc34Vebq@piefed.blahaj.zone 36 points 3 weeks ago (1 children)

Big tech has been straining the libxml2 dev who recently got annoyed with them. Instead of helping maintain the libraries they ship on billions of computers, Google is trying to reduce there use.

https://socket.dev/blog/libxml2-maintainer-ends-embargoed-vulnerability-reports

[–] 01189998819991197253@infosec.pub 1 points 2 weeks ago

That was a good read. Very eye opening to the underpinning problems in the oss world, caused by the proprietary world. Really, we should all use a license that prohibits commercial uses of any oss code.