I can easily imagine a world where you could install an open source PWA from an archive file into its own security sandbox without any further hoops to jump through, and it continues to just work indefinitely because the web has very good backwards compatibility guarantees. Instead, we have to get licensed and notarized by the monopolies and they keep you on a constant treadmill of drudgery just to stay up to date. Or you install somebody else's monopoly-approved "legitimate business" app which steals or leaks your data. Sad!
> the web has very good backwards compatibility guarantees
Kinda... Google and folks have been cracking down on security pretty hard, to the point where certain things would probably stop working if you weren't maintaining the security of the endpoint or something correctly. There are APIs (more and more every day it seems...) that only work with "secure contexts" like HTTPS, and they're working actively on tightening HTTPS requirements (like shortening certificate lifetimes, valid ciphers, etc.). Sure, this helps improve security, but not without breaking compatibility.