True, but are people turning off ECMAScript/WASM in their browsers to avoid this? As an app developer, I want to know if my app will keep running. In the Java Applet days, at some point the security scares became frequent enough to cause articles like "Turn off Java except on websites where you are actively using it". Once your users have to find and toggle a setting to make your app work, your audience size drops significantly.
I don't see such fears around ECMAScript/WASM. Since the dominant players have a vested interest in users feeling safe leaving those technologies turned on for all websites, they'll keep investing to maintain that safety (and the marketing of that safety).
This is a massive insurance policy for building a TeaVM app -- the foundational web technologies it builds on are receiving incredible investments from industry heavyweights. It's not just security that is maintained, new Web APIs are regularly developed too. Want to use USB from your web app? No need to wait for Oracle to roll out a Java API for it -- browser vendors have made a new API and you can call it from you TeaVM app right away.
I don't see such fears around ECMAScript/WASM. Since the dominant players have a vested interest in users feeling safe leaving those technologies turned on for all websites, they'll keep investing to maintain that safety (and the marketing of that safety).
This is a massive insurance policy for building a TeaVM app -- the foundational web technologies it builds on are receiving incredible investments from industry heavyweights. It's not just security that is maintained, new Web APIs are regularly developed too. Want to use USB from your web app? No need to wait for Oracle to roll out a Java API for it -- browser vendors have made a new API and you can call it from you TeaVM app right away.