JavaScript creator Eich's latest project: KILL JAVASCRIPT

Someday you'll code for the web in any language, and it'll run at near-native speed

Brendan Eich, the former CEO of Mozilla, has announced a new project that could not only speed up web applications but could eventually see the end of JavaScript as the lingua franca of web development.

Dubbed WebAssembly, the new effort is a kind of successor to Asm.js, the stripped-down JavaScript dialect that backers describe as an "assembly language for the web." Like Asm.js, it executes via a JavaScript engine. The difference is that WebAssembly is a new, low-level binary format, like a bytecode, which allows it to load and run even faster than Asm.js.

The long-term goal, Eich said, is for WebAssembly to become a kind of binary object format for the web, one that can be used as a compiler target for all kinds of languages - including but not limited to JavaScript.

"Bottom line: with co-evolution of [JavaScript and WebAssembly], in a few years I believe all the top browsers will sport JS engines that have become truly polyglot virtual machines," Eich said in a Wednesday blog post.

WebAssembly has apparently been underway as a skunkworks project for some time and has already gained the support of developers at Google, Microsoft, and Mozilla, all three of which have previously built Asm.js optimizations into their respective browsers.

"I'm happy to report that we at Mozilla have started working with Chromium, Edge and WebKit engineers on creating a new standard, WebAssembly, that defines a portable, size- and load-time-efficient format and execution model specifically designed to serve as a compilation target for the Web," Mozilla developer Luke Wagner blogged.

Microsoft's Mike Holman was more subdued in his support for the project, saying Redmond and the other browser vendors have "come to a general agreement on a shared set of goals."

One of those goals is "interoperability with JavaScript." In keeping with that, one deliverable for the project is a "polyfill" that implements WebAssembly in JavaScript, so that today's browsers will be able to execute WebAssembly code once the spec is finalized - albeit with slightly degraded performance.

What's more, although WebAssembly is itself a binary format, the specification will include a text format that can be rendered when anyone does a View Source, preserving (at least in part) the openness of the web.

As far as language support, the initial focus will be on compiling C/C++ to WebAssembly. Once a viable backend for the LLVM compiler has been developed, work on other languages will commence – although you can expect that to be some way down the road.

Expect the concept itself to change radically from these early days, too. There isn't even a draft spec yet, although high-level design documents and prototype source code for compilers, the WebAssembly polyfill, and a modified version of Google's V8 JavaScript engine that can execute WebAssembly natively have already been posted to the project's GitHub page.

To oversee the project, a new WebAssembly Community Group has been formed under the auspices of the World Wide Web Consortium (W3G), and is open for anyone to join. There's also a FAQ that gives more details on the groups plans – such as they are for now. ®

Similar topics

Broader topics

Other stories you might like

  • Emma Sleep Company admits checkout cyber attack
    Customers wake to a nightmare as payment data pilfered from UK website

    Emma Sleep Company has confirmed to The Reg that it suffered a Magecart attack which enabled ne'er-do-wells to skim customers' credit or debit card data from its website.

    Customers were informed of the breach by the mattress maker via email in the past week, with the business saying it was "subject to a cyber attack leading to the theft of personal data" but not specifying in the message when it discovered the digital burglary.

    "This was a sophisticated, targeted cyber-attack on the checkout process on our website and personal information entered, including credit card data, may have been stolen, whether you completed your purchase or not," the email to customers states.

    Continue reading
  • Microsoft Azure developers targeted by 200-plus data-stealing npm packages
    Another day, another attack on the software supply chain

    A group of more than 200 malicious npm packages targeting developers who use Microsoft Azure has been removed two days after they were made available to the public.

    Security firm JFrog on Wednesday said that earlier this week its automated analysis system began raising the alarm about dubious uploads to the npm Registry, the most popular public source of software libraries for the JavaScript ecosystem. This group of packages grew from about 50 to at least 200 by March 21.

    "After manually inspecting some of these packages, it became apparent that this was a targeted attack against the entire @azure npm scope, by an attacker that employed an automatic script to create accounts and upload malicious packages that cover the entirety of that scope," observed security researchers Andrey Polkovnychenko and Shachar Menashe in a write-up. "Currently, the observed malicious payload of these packages were PII (Personally identifiable information) stealers."

    Continue reading
  • Microsoft proposes type syntax for JavaScript
    Long overdue innovation or an affront to all that developers hold dear?

    Type-fans rejoice! Plans (or a proposal, at least) are afoot to pop some type-checking into the infamously dynamically typed JavaScript.

    The proposal planned from Microsoft and others, including devs from the Igalia Coding Experience program and Bloomberg, is all about adding "types as comments" to the language.

    The theory is that it would become possible to have a syntax for types that could be used by tools that need those hooks (such as Microsoft's own TypeScript) and ignored by those that do not.

    Continue reading

Biting the hand that feeds IT © 1998–2022