Making WebAssembly a first-class language on the Web

Posted by mikece 16 hours ago

Making WebAssembly a first-class language on the Web(hacks.mozilla.org)

231 points | 105 commentspage 2

swiftcoder 4 hours ago|

Nice to see momentum here. Even outside of direct access to WebAPIs, having the ability to specify interfaces for WASM modules is a big deal, and unlocks all sort of cool options, like sandboxed WASM plugins for native apps...

skybrian 4 hours ago||

At a high level this sounds great. But looking into the details about how the component model will be implemented, it looks very complicated due to concurrency:

https://github.com/WebAssembly/component-model/blob/main/des...

eqrion 3 hours ago||

The concurrency part of the C-M is complicated (I think for inherent reasons), but won't be exposed to end users. It's basically defining an API that language toolchains can use to coordinate concurrency.

For end users, they should just see their language's native concurrency primitives (if any). So if you're running Go, it'll be go routines. JS, would use promises. Rust, would have Futures.

phickey 3 hours ago||

Real programs, whether native JavaScript or in any other language that targets Wasm, have concurrency. Would you rather the component model exclude all concurrent programs, and fail to interact with concurrent JavaScript? The component model is meeting the web and programmers where they're at. Unless you're one of the few people implementing the low level bindings between components and guest or host languages, you don't have to ever read the CM spec or care about the minutae of how it gets implemented.

haberman 3 hours ago||

> Thankfully, there is the esm-integration proposal, which is already implemented in bundlers today and which we are actively implementing in Firefox.

From the code sample, it looks like this proposal also lets you load WASM code synchronously. If so, that would address one issue I've run into when trying to replace JS code with WASM: the ability to load and run code synchronously, during page load. Currently WASM code can only be loaded async.

bvisness 3 hours ago|

This is not strictly true; there are synchronous APIs for compiling Wasm (`new WebAssembly.Module()` and `new WebAssembly.Instance()`) and you can directly embed the bytecode in your source file using a typed array or base64-encoded string. Of course, this is not as pleasant as simply importing a module :)

lasgawe 3 hours ago||

Agree with the points. But when reading this, it seems much more complicated than using JavaScript on the web when developing real-world applications. However I think that will not be an issue because of AI.

lasgawe 3 hours ago||

Agree with the points. But when reading this, it seems much more complicated than using JavaScript on the web when developing realworld applications. However I think that will not be an issue because of AI.

ngrilly 3 hours ago||

We could finally write programs for the browser in any language that compiles to WebAssembly. And even mix and match multiple languages. It would be amazing.

dana321 1 hour ago||

This is a brilliant idea for webassembly, implementing the core browser features as libraries - they should do it.

(though i do like the open code nature of the internet even if a lot of the javascript source code is unreadable and/or obfuscated)

Tepix 3 hours ago||

WASM with DOM support will be great. Unfortunately it will also be great for obfuscation and malware.

Retr0id 2 hours ago|

You can already compile malware to obfuscated asm.js. If anything, WASM blobs are easier to reverse engineer than obfuscated JS - good luck writing a ghidra plugin for JS source.

throwaway12pol 2 hours ago||

What about obfuscated WASM blobs? At least obfuscated JS is still basically source code being interpreted, with WASM we will be running proprietary obfuscated binaries in the browser.

Retr0id 2 hours ago||

I'd rather deal with an obfuscated WASM blob than obfuscated JS.

throwaway12pol 1 hour ago||

Why is that? With obfuscated JS you can instantly create ASTs, easily patch and preview the results. We have codemodding tools for mass patching and analysis. With WASM, you can theoretically have a future anti-tamper corporation with a solution to actively obfuscate binaries and antagonize reverse engineers, like we have today with desktop binaries.

Retr0id 1 hour ago||

ASTs are pretty useless once it's been through a control-flow flattening obfuscation pass. At the end of the day it's just one representation vs another, but there are a lot more existing tools for dealing with binary reverse engineering.

throwaway2027 4 hours ago||

Great to see it happening finally. Can we also get compute shaders with WebGL2 now? I don't want to move everything to WebGPU just for compute shaders and I don't know why they kept rejecting the proposals.

barelysapient 3 hours ago|

Wow. We need this so bad.

More comments...