> Do you also audit / control web browsers the clients are using?
Certain places do, actually. That's why lots of enterprise software was stuck having to support IE just a few years back (and probably still in some places that haven't caught up).
I've seen demands towards certain features working on Edge/Chrome in particular even if it would break something in Firefox, which might be preference of the end users but also corporate policy towards using known software in certain places.
I'm sure that you're still likely to run into plenty of environments where something like Edge might be the only allowed browser.
>lots of enterprise software was stuck having to support IE just a few years back
Yep, and talking about Jira, they only ended that support in March 2020.
And wow, according to Wikipedia, Microsoft still supports Internet Explorer on some non-consumer Windows flavors. Today. I find that actually pretty stunning, must be a huge liability to be running web-apps that breaks on non-IE, because that can't then be the only aspect at which it's still stuck in the stone ages.
Let's say there's a higher chance that you'll be able to sign a contract with Google or Microsoft that allows you to sue the $$$ out of them if something happens, than hoping to get anything from ankitpokhrel on GitHub whose bio says "I have no idea what I do".
(Nothing against ankitpokhrel and this great tool, just making a point in a slightly sarcastic way)
It's open source. If you want to use the functionality but don't trust a random internet user named ankitpokhrel, you can literally gut the project, copy-paste the code you understand, get basic functionality to work, and you can be pretty much certain that there is nothing nefarious going on.
I have done that multiple times. It's not very time demanding, because the working code is there, and all you're doing is essentially deleting code you either don't understand, or don't need. At the same time, you're reading the code you do use.
I would bet it's easier to do it with a 1 man company, the megacorps are famous for firewalling themselves from liability with very good contract lawyers.
You may also be able to get 3rd party insurance for this.
KronisLV|3 years ago
Certain places do, actually. That's why lots of enterprise software was stuck having to support IE just a few years back (and probably still in some places that haven't caught up).
I've seen demands towards certain features working on Edge/Chrome in particular even if it would break something in Firefox, which might be preference of the end users but also corporate policy towards using known software in certain places.
I'm sure that you're still likely to run into plenty of environments where something like Edge might be the only allowed browser.
sverhagen|3 years ago
Yep, and talking about Jira, they only ended that support in March 2020.
And wow, according to Wikipedia, Microsoft still supports Internet Explorer on some non-consumer Windows flavors. Today. I find that actually pretty stunning, must be a huge liability to be running web-apps that breaks on non-IE, because that can't then be the only aspect at which it's still stuck in the stone ages.
chpmrc|3 years ago
(Nothing against ankitpokhrel and this great tool, just making a point in a slightly sarcastic way)
BossingAround|3 years ago
I have done that multiple times. It's not very time demanding, because the working code is there, and all you're doing is essentially deleting code you either don't understand, or don't need. At the same time, you're reading the code you do use.
fulafel|3 years ago
You may also be able to get 3rd party insurance for this.
creativenolo|3 years ago
comprev|3 years ago
All software, including open source, technically needs to get approved by a security team.
bityard|3 years ago
They only enforce it if you run windows, though.