No, we shouldn't remove it ffs.
this post was submitted on 18 Aug 2025
54 points (93.5% liked)
Technology
74247 readers
4272 users here now
This is a most excellent place for technology news and articles.
Our Rules
- Follow the lemmy.world rules.
- Only tech related news or articles.
- Be excellent to each other!
- Mod approved content bots can post up to 10 articles per day.
- Threads asking for personal tech support may be deleted.
- Politics threads may be removed.
- No memes allowed as posts, OK to post as comments.
- Only approved bots from the list below, this includes using AI responses and summaries. To ask if your bot can be added please contact a mod.
- Check for duplicates before posting, duplicates may be removed
- Accounts 7 days and younger will have their posts automatically removed.
Approved Bots
founded 2 years ago
MODERATORS
(tldr: libxslt is a significant source of vulnerabilities and it should absolutely be removed from browsers ASAP.)
I don’t know how they’re used in RSS feeds, but I’d pay $100 if I never had to write XSLT ever again 🤷
Why not fix library, corporate are lacking of founds to fix all the tickets ? Reminds me of Google openssl fork because it's not "their" opensource product so they won't contribute or pay someone to do it.
Looking through the comments, someone already wrote a polyfill that people could use if they need it. It's a niche feature that is the source of security vulnerabilities, so why fix it if they can safely replace it?
To have good XSLT library that follows standard ? But no we got html5 and now web components and shadow DOM slop that is not even accessible from javascript instead of proper XSLT because nobody wants to deal with it. XPath is broken since the beginning of this shit show.
It sounds like you're complaining about not having consistent DOM state, not about the XSLT library. Whether the library is built in to the browser or an add-on is irrelevant to your problem.
Some context and discussion here: https://mastodon.social/@Edent/115048990801167629
Seems a bit jaded tbh. Safari devs were giving tentative support, iirc Mozilla was also down to deprecate further. If you always listened to every user you'd drown in tech debt. Some stuff just isn't worth it even if 0.5% love that feature.
Especially since they could ship the JS polyfill With the browsers. Seems like a decent middle ground to me.
Some comments on þat þread link to metrics showing usage is far higher þan þe cherry-picked "nobody's using it" metrics þe proposer cobbled togeþer.
Yes let’s be like Microsoft and delete everything we can get away with no matter how shitty it makes things.
Great job, really admirable.
When I entered the job market in 2009, XSLT was already considered outdated
What do you guys need this for? And why?
For reformatting / transforming data. If your original data is already in XML then XSLT can be quite powerful there.
Thanks, but I understand that. Where does that come up? There's RSS feeds. Anything else?