►
Description
No description was provided for this meeting.
If this is YOUR meeting, an easy way to fix this is to add a description to your video, wherever mtngs.io found it (probably YouTube).
A
Okay,
so
I
was
just
mentioning
that
the
last
week
I
have
not
been
focusing
on
the
SES
level
at
all,
I've
been
focusing
on
the
you
rights
and
smart
contracting
layers
of
the
ORAC
stack.
A
B
A
B
Wasn't
there
to
participate,
but
they
did
have
some
interesting
feedback,
at
least
on
the
first
and
intrinsics
that
we've
talked
about
before
a
couple
times.
Okay,
it
seems
people
are
excited
about
it,
which
is
good,
yeah,
all
great
yeah.
It
seems
it
is
still
very
difficult
to
use,
at
least
with
the
existing
ecosystem
and
things
breaking
on
normal
assignment
operators.
Do.
B
A
B
This
is
somewhat
similar
to
what
we
saw
with
lodash
and
the
effect
on
the
web,
but
for
us
at
least
those
note,
applications
are
generally
not
considered
to
be
problematic
in
forcing
upgrades,
because
you
would
need
to
force
an
upgrade
just
to
opt-in
to
this
flag.
To
begin
with,
unlike
the
approach
that
we
were
taking
for
the
web,
where
for
the
web,
we
were
seeing
if
we
could
do
it
without
requiring
opt-in
of
some
kind,
either
new
operator,
new
evaluation
scheme
or
something
we
can
actually
tell
people
that
they
should
update
their
libraries
for
now.
A
B
B
A
B
A
A
Before
freezing
that
and
I
say
vetted
because
everything's
vulnerable
to
those
things,
so
if
those
things
are
misbehave
in
a
way
the
damages
things,
then
they
damaged
things.
But
okay,
so
you
run
vetted
shims
and
then
you
freeze
the
resulting
what
you
take
to
be
the
primordial,
and
it's
only
after
that
that
you
then
load
untrusted
code.
A
A
A
B
B
B
B
Map
it
no,
it's
not
transparent,
but
it
is
mostly
transparent
to
most
code
yeah
anyway,
there's
pushback
from
there
I
do
think
it
is
going
to
increase
the
further
we
push
forward
with
frozen
intrinsics.
We
also
do
have
some
pushback
from
some
library
authors
in
part,
because
some
philosophical
differences
of
that's
how
the
spec
should
work
where
they're
they
do
not
understand
why
it
is.
The
onus
is
on
the
library
author
to
fix
a
problem
that
is
allowed
by
the
spec.
To
begin
with,
does
that
make.
A
Sense
then,
the
mode
that
we're
time
not
sure
yet
the
the
there's
something
that's
confusing
me,
the
mode
that
we're
talking
about
would
not
be
on
by
default.
It
would
I
mean
it
would
not.
There
was
there's
you
and
hat
there's
a
there's,
a
flag
or
something
that
would
where
you
have
to
opt
in,
and
the
opt-in
would
be
explicit.
Is
that
correct?
A
A
B
B
A
So
so
I
think
what
I'm
confused
about,
if
nothing
I,
don't
think
I'm
confused
about
anything
technical
I'm
confused
about
the
politics
of
this.
This,
the
part
of
the
purpose
of
opting
in
is
it
understood
that
the
reason
why
an
application
would
wants
to
opt
in
is
in
order
to
get
security
properties
such
as
being
able
to
do
least
Authority
linkage
of
libraries.
A
A
So
if
the
theory
is
understood
and
the
thing
that
a
library
wants
to
do,
if
it
were
allowed
to
do
it,
would
destroy
the
security
property,
which
was
the
motivation
for
the
application
opting
in
in
the
first
place.
Isn't
it
sort
of
clear
that
the
application
author
then
has
a
choice?
I
can
either
use
a
library
that
requires
the
application
to
be
insecure
or
I
can
use
the
secure
mode,
in
which
case
I
can't
use
a
library
that
whose
functionality
you
know
it's
not
just
the
way
the
old
library
is
written.
A
B
Do
not
think
that
there
is
the
same
viewpoint
going
on
I.
Think
the
viewpoint
going
on
is
a
question
of
why
can't
it
be
fixed
in
a
way
that
the
library
doesn't
need
to
update
its
code.
We've
had
in
the
past
some
talk
about
changing
the
spec,
which
we
found
to
be
problematic.
The
web
compatibility
reasons
and
I
think
the
idea
of
introducing
a
different
operator
appeals
to
some
people
or
just
going
to
a
web
breakage
a.
A
A
B
C
A
A
The
when
we
made
the
transition
from
Eknath
script,
3
to
Atmos
5
and
introduced
strict
mode
in
Equus
script,
5
it
to
the
the
you
know
it
got
to
like
4%
uptake
fairly
quickly,
but
it
didn't
get
to
majority
uptake
for
many
years,
but
it
did
win
in
the
end
and
you
know
initially
as
long
as
there
is
a
compatibility
mode
that
you
get
by
not
opting
in
and
therefore
you're,
not
breaking
old
things.
You
know
people
did
that
in
large
measure.
A
You
know
96%
of
people
did
that
for
years,
but
then
the
libraries
gradually
fix
themselves
to
be
compatible
with
strict
mode
anyway,
because
even
4%
was
enough
demand
and
the
everybody
could
see
the
writing
on
the
walls
and
without
much
pressure.
Libraries
did
fix
over
time
and
then,
eventually,
with
enough
libraries,
fixed
applications
started
moving
most
of
their
logic
to
straight
mode.
A
B
I
think
they're
still
economic
differences,
strictmode
largely
has
similar
economic
swith
assignment
operators,
at
least
visually
or
when
you're
writing
code
with
sloppy
mode,
and
the
way
these
authors
are
being
told
to
work
around
things
is
to
use
things
like
object,
defined
property,
and
they
don't
want
to
sprinkle
that
all
over
their
code.
Okay,.
A
The
so
so
speaking,
specifically
about
the
override
mistake,
if
the
defined
property
thing,
if
you
know
to
degree
that
that
becomes
a
really
costly
barrier
to
uptake
I'd,
be
willing
to
do
the
access
or
property
thing.
If
that
was
really
not
really
eased
these
political
issues
to
get
the
to
get
the
the
override
mistake,
you
know
mostly
out
of
the
way,
get
it
out
of
the
way
for
you,
90,
plus
percent
of
all
the
cases
by
just
doing
the
access
or
trick
on
you
know,
four
of
the
primordial
prototypes
four
or
five
I.
B
B
B
B
A
C
B
B
So
this
just
started
up
with
the
open
gasps
collaborator
summit
a
bit
and
I've
just
been
seeing
it
ad
hoc
start
up
on
Twitter
in
the
past
couple
days,
both
prior
to
the
summit
and
as
of
earlier
this
24-hour
period
when
it
happened
so
I
think
the
best
person
to
get
a
hold
of
was
probably
miles
from
now,
unless
maybe
John
miles
born.
Yes,
I,
don't
know
how
much
John
is
doing
with
the
security
working
group
here,
Jerry
widget,
Ron.
A
B
C
D
B
A
A
A
Well,
obviously,
I
can't
because
I'm
not
forgotten
right,
I
understand
that
I'll
probably
be
remote
for
part
of
it,
assuming
I
figure
out
the
time
zones-
okay,
okay,
okay,
in
that
case,
it's
going
to
so
if
miles
isn't
there.
This
whole
topic
will
need
to
wait
for
me
to
come
back
in
Berlin
for
more
than
two
weeks
altogether.
B
A
B
C
A
A
Yeah
I'd
also
have
another
half
hour
which
I'm
planning
to
proceed
with,
but
I
don't
have
anything
prepared
yet
and
I,
don't
think
it
needs
a
dry
run,
which
is
what
to
do
about,
but
basically
reforming,
nxb
nxb
is
the
part
of
the
spec,
that's
labeled,
normative
optional,
and
what
that
what
we
mean
by
normative
optional
is
well
it's.
Actually,
it's
two
things
we
mean
by
normative
optional
is
that
a
conforming
engine
can
omit
the
feature.
But
if
the
feature
is
present,
then
it
must
behave
as
described.
A
And
there's
a
whole
bunch
of
things
in
annex
B
that
are
sort
of
that
became
the
dumping
ground
for
things
that
just
seemed
to
unclean
to
be
in
the
main
body
of
the
standard.
As
part
of
how
things
got
there
and
part
of
that
how
things
got
there
is
just
that
they
will.
They
have
been
there
for
a
very
long
time,
so
nobody
thought
to
move
them
out
of
their
way.
I
see,
it
is
there's
a
few
things
there
that
are
genuinely
unsafe.
A
That
I
made
sure
we
ran
nxb,
because
one
of
the
things
that
SES
does
on
startup
is
to
remove
those
things
from
the
primordial.
X'
and
I
also
made
sure
they
were
specified
in
annex
B
in
such
a
manner
that
they
were
removable
so,
for
example,
the
statics
on
the
Reg
X
constructor,
that
is
this
global
communications
channel.
A
So
that's
an
NX
B,
it's
an
NX
B
as
deletable,
and
that
means
that
once
deleted,
it
means
that
SES
can
always
delete
them
and
once
deleted,
the
resulting
system
is
still
a
conforming
system
because
it's
not
a
conforming
browser
system.
But
it's
a
conforming
echo
script
system,
there's
other
things
in
there
that
are
universally
until
implemented
and
perfectly
safe.
A
That
I'm
going
to
propose.
We
promote
to
the
main
spec,
because,
if
they're
universally
implemented
and
safe,
then
it's
just
part
of
reality,
and
we
should
acknowledge
that
by
moving
into
the
main
spec
nobody,
nobody
actually
has
the
ability
to
omit
them
and
the
clearest
example
of
of
safe
is
the
weird
HTML
methods
in
string
dot
prototype.
A
So
you
know,
there's
a
you
know:
string
dot,
prototype,
dot,
bold
or
something
and
they're
all
just
very
simple
string
to
string
manipulation,
things
there's
nothing
unsafe
about
them.
There's
nothing!
That's
different
about
them
from
one
platform
to
another,
so
they
should
just
get
promoted
and
then
there's
the
category
of
things
that
are
specific
to
sloppy
mode,
some
of
which
would
be
unsafe.
A
If
they
were,
they
were
not
specific,
the
sloppy
mode,
but
because
any
safe
environment
is
going
to
turn
sloppy
mode
off
anyway.
Anything
that's
already
specific.
The
sloppy
mode
might
as
well
get
promoted
into
the
main
spec,
or
rather
I,
don't
care
if
it
gets
promoted
into
the
main
spec
or
not.
But
I
want
to
make
it
clear
that
everybody
understands
there's
no
safety
reason
to
keep
them
out
of
the
main
spec,
because
they're
already
kept
out
of
strict
mode
by
their
own
text.
A
A
C
A
This
is
just
my
personal
opinion,
but
those
HTML
methods
of
string
type
prototype
I'm,
not
sure
they
even
make
sense
in
the
modern
world
or
not,
everybody
runs
inside
a
browser.
There
are
many
things
in
JavaScript
that
don't
make
sense,
but
all
implementers
still
obligated
to
implement
them.
No
one's
going
to
ship
an
engine
without
them,
and
therefore
code
that
considers
itself
to
be
host.
Independent,
portable
JavaScript
code
feels
free
to
rely
on
those
things,
and
you
know,
empathy
and
that
kind
of
universality
by
itself
isn't
enough
to
get
promoted
into
the
main
spec.
A
A
Changing
the
inheritance
tree,
the
thing
is,
we
also
have
reflect
dot
set
prototype
of
because
in
order
to
have
admitted
the
ability
to
change
prototypes
at
all,
you
have
to
make
that
work
through
proxies,
which
means
it
has
to
trap,
which
means
the
proxies
have
to
unring.
Lore
has
to
be
able
to
unreflective,
it's
got
so
it's
already
so,
and
the
the
thing
that's
on
reflect
that's
already
in
the
main
spec.
A
A
B
So
what
tofu
is,
is
it's
just
a
auditing
tool
that
basically
takes
in
JavaScript
source
parses
it
very
generously
and
tries
to
see
what
the
possible
usage
of
Global's
and
modules
is
a
fair
amount
of
time?
Your
modules
can
end
up
into
a
dynamic
state
or
your
Global's
can
end
up
into
a
dynamic
state
in
which
the
tool
will
roughly
state
you
could
be
using
ambient
Authority,
meaning
anything.
B
Well
in
the
past,
we've
kind
of
done
this
ad
hoc
without
a
full
listing
of
the
beta
that
we
want,
and
a
couple
of
meetings
ago
we
did
have
mention
of
wanting
more
data.
I
was
wondering
if
we
could
actually
create
a
list
of
all
the
data
we
want,
so
that
we
could
properly
document
what
we
need
to
get
a
hold
of,
and
why
good?
B
On
that
note,
there's
another
thing
as
well
that
we
probably
want
for
tofu.
We
can
swap
it
over
to
the
typescript
parser.
If
you
want
Babel,
does
support
the
typescript
syntax,
but
I
can
get
a
little
bit
more
information
out
of
the
Babel
compiler
for
some
things
like
flow,
but
I
can't
get
the
actual
value
constraints
that
I
could
get
out
of
the
typescript,
parser
and
compiling.
B
So
my
thought
is
once
we
get.
This
list
of
data
will
actually
divide
it
to
run
against
the
typescript
type
checker
and
parser.
Instead,
you
won't
be
able
to
have
as
many
experimental
syntaxes
but
I
think
that's.
Okay.
I
was
wondering
what
people
thought
about
that
if
we
can't
use
as
many
syntax
extensions
so.
A
So,
unless,
let's
take
typescript
as
an
example,
there's
a
clear
example
for
the
question
I'm
about
to
ask,
and
then
we
can
think
about
other
languages
that
compile
to
JavaScript
for
purposes
of
tofu.
For
the
analysis
the
tofu
does,
if
for
code,
that's
in
typescript,
if
you
applied
the
tofu
analysis
after
compiling
to
JavaScript,
rather
than
compiling
it
rather
than
applying
tofu
to
the
sources,
would
would
that
result
in
any
imprecision
of
the
of
the
results
of
the
tofu
analysis?
A
B
B
B
Pure
script
or
live
Spirit
CoffeeScript
as
well.
Anything
that
does
more
and
more
code
transforms.
Babel
is
pretty
bad
just
because
they
do
a
lot
of
calling
out
to
runtime
stuff,
and
once
you
start
losing
things
got
it
not
it,
but
babble
and
stuff
they're,
mostly
about
these
code,
transforms
typescript
in
particular,
has
very
fiddly
bits
when
it
comes
to
compiling
how
modules
work.
There
are
a
lot
of
different
options
for
the
kind
of
output
for
your
typescript
compiler.
They
have
many
different
target
combinations
and
that's
where
you
start
to
lose
information.
A
So
would
so
in
terms
of
development
strategy.
It
seems
like
it
would
make
sense
to
start
by
only
analyzing.
The
output
of
the
transformations
I
only
had
only
analyzing
JavaScript
itself
to
start,
and
then
you
know
only
do
no
more
work
as
driven
by
the
the
is
driven
by
actual
pain
caused
by
the
imprecision.
So.
B
B
It
uses
an
inference
engine,
however
there
and
the
type
system
is
slight.
We
different
I
am
talking
to
them
actively
about
ironing
out
and
documenting
the
differences.
But
yes,
no,
that's
what
you
see
in
editors,
that
use
completions
for
J's
files
for
code
and
other
stuff.
Okay,.
B
So
typescript
we
already
have
an
AST.
That's
not
really
what
we'd
gain
from
doing
this,
what
we'd
gain
from
doing
this
is
we'd
gain
access
to
type
scripts
type
checker,
hopefully,
which
sometimes
can
do
things
like
type
of
constraints
and
ensure
that
things
or
ensure
that
it's
a
specific
string
and
things
like
that
now.
D
D
Their
property
keys
seem
to
have
like
some
a
layered
logic
that
evolved
over
time
and
they
can't
seem
to
figure
out
key
of
things
that
are
not
strings
yeah.
You
know
like
like
they
struggle
with
symbols
and
the
other
thing
they
struggle
with
is
static.
Members
like
members
of
constructors,
those
are
the
two
downsides
of
type
scripts
in
my
typescript.
In
my
experience,
okay,.
A
B
A
B
B
So
typescript
has
the
ability
to
declare
what
our
enemy's
enums
generally
are
backed
by
strings
and
typescript,
and
so
you
can
reduce
at
least
some
usage
of
things
like
dynamic
imports
and
the
such
or
require
or
property
access
on
the
Global's
saying
that
oh,
this
has
to
be
one
of
these
keys.
So
for
web
reasons
or
anything
else,
you
may
have
different
prefixes
about
vendored
versions
of
api's,
and
you
want
just
one
of
them
that
works.
B
A
B
A
Yeah
and
modern
types,
modern
typescript
also
has
some
kind
of
guard
syntax,
where
it
actually
does
do
a
runtime
check.
But
it's
understood
that
the
different
branches
of
I
mean
it's
it's.
It's
understood
that
the
runtime
check
corresponds
to
static
types
so
that
it
can
statically
type
the
branches
of
the
resulting
condition.
I.
C
B
I'll,
just
put
I
should
explain
this
a
little
bit
as
well,
so
typescript
doesn't
really
do
types
on
a
binding
level.
It
does
it
more
on
a
location
level
if
you
look
at
their
API
X.
So
whenever
you're
querying
types
you
have
to
specify
where
this
is
so
all
their
tracking
of
what
they
call
symbols
which
is
kind
of
the
typing
container
for
values
is
done
with
location
as
part
of
its
primary
key
okay.
B
B
B
B
I
will
probably
end
up
doing
that
once
I
get
a
little
further
ahead
with
a
few
things
and
note
PRS.
So
this
is
more
an
eventual
plan.
We
can
run
it
over
the
corpus
of
NPM.
However,
the
usage
of
web
pack
and
things
makes
it
fail
spectacularly
for
some
things
where
people
are
injecting
things
through
web
pack
config
rather
than
the
source
text
itself.
A
B
B
B
We
might
hear
her
whining
during
the
call.
Sorry
for
the
most
part,
the
rewrite
was
to
change
it
so
that
it
could
be
split
out
into
workers
right
now.
It
does
take
a
prohibitive
amount
of
time
to
run
on
a
large
code
base
which
might
be
acceptable
might
not
be,
but
once
you
get
into
code
bases
with
the
tens
of
thousands
of
files
which,
as
you
see,
it,
takes
at
least
20
minutes.
A
B
B
A
I
think
I
think
we
are
going
to
be
standardizing
some
kind
of
manifest
or
configuration
file
for
SES
for
doing
all
the
least
authority,
module,
wiring
and
I.
Think
what
we're
going
to
do
at
that
point
is
just
have
there
be
a
separate
program
that
takes
in
whatever
tofu
outputs
and
then
generates
an
SES
configuration
from
that,
so
I
thought
I,
don't
think
that's
going
to
be
that
shouldn't
be
very
constraining
on
tofu
itself.
A
A
B
A
B
A
We
were
analyzing
and
it
was
clear
that
it
was
only
you
know,
process
dot,
something
dot,
something
that
was
actually
being
accessed,
and
so,
if
you
just
you,
basically
track
all
uses
of
the
global
and
see
that
the
only
use
being
made
of
it
is
to
access
named
properties
from
it
that
the
global
that
the
that
be
named,
that
the
named
thing
that
that
you
know
the
named
value
is
not
itself
escaping
into
you
know.
So
it's
never
passed
as
a
parameter.
Basically,
it's
never
really.
A
If
I'd
there's,
no,
no,
no
code,
that
has
a
hold
of
that
of
that
value
without
knowing
that
that's
what
it
is,
and
then
you
see
that
it's,
and
so
at
that
point
you
can
pretty
much
infer
that
that
object
is
being
used
as
a
record.
Only
those
fields
of
the
record
are
being
used
and
you
know
which
modules
are
using,
which
fields
and
then
a
leased
authority.
Attenuation
of
that
can
go
ahead
and
present
replacement
records
that
only
contain
a
copy
of
the
fields
that
tofu
said
were
being
used
and
that's
pretty
much.
A
B
A
B
A
The
so
the
the
nice
thing
about
node
is
that
there's
so
few
powerful
Global's
there
is
basically
just
you
know,
process
and
array
buffer
and
then
there's
you
know
require
is
a
powerful
global
of
course,
but
we
we
process
require
specially.
They
don't
consider
it
to
be
global.
We
consider
it
to
be
the
subject
of
our
our
static
analysis,
based
on
on
thinking
of
it
as
a
key
word
for
the
module
system,
so
so
the
so
an
array
buffer
is,
it
is,
is
the
class
array
buffer?
A
A
We
care
about
yeah
I
mean
just
in
general
process.
We
care
about
least
authority
linkage
for
web
code
and
tofu
that
does
this
kind
of
module
field
tracking
would
be
very
useful
for
the
web,
because
you
know
you
see
that
the
only
use
made
of
document
is
to
get
you
know,
document
dot,
something
dot,
something
that
tells
you
a
lot
so
so
for
the
web.
It
would
be
useful
now
for
things
obtained
from
require
I.
Think
it's
probably
also
useful
as
well
like.
A
A
Okay,
good
good,
so
you
can
do
that
by
field
tracking
by
method
tracking
in
that
case
and
then
provide
and
to
that
module
in
HTTP.
That
only
has
those
methods,
and
that
would
be
a
good.
You
know
initial
default
attenuation
that
shouldn't
break
things
but
enables
you
to
catch
you
later
upgrades
of
authority.
B
A
B
A
Yeah
yeah
I
think
with
someone
like
tofu,
the
the
you
know,
start
off.
You
know
shortening
the
development
time
by
just
being
imprecise
everywhere.
You
don't
know
how
much
the
cost
of
being
imprecise
is
and
then
we'll
find
out.
A
A
D
C
D
The
goal
of
this
is
to
be
able
to
safely
mutate
aspects
of
source
text
that
you
know
without
without
having
to
have
a
full
AST
good
examples
would
be,
and
if
you're
rewriting
the
from
clause
for
import
and
export
declarations,
you
don't
necessarily
need
to
know
everything
about
everything
in
the
code.
You
just
meant
enough
that
this
particular
string
is
a
module
reference.
D
Alright,
so
so
I'm
just
going
to
you,
know,
show
the
earlier
work.
I
did
on
parsing
JavaScript
and
the
intent
wasn't
person
correctly,
but
rather
to
build
a
parsing
infrastructure
that
works
for
more
than
just
JavaScript.
That
allows
me
to
nest
different
syntaxes
like
javascript,
HTML
and
CSS
me
in
that
purser
it
was
purely
declarative.
It
only
used
a
regular
expression.
D
You
know
an
object
with
various
regular
expressions
in
pin
lookups
like
sets
or
arrays
to
define
a
syntax
and
obviously
the
lack
of
being
able
to
write
logic
meant
that
a
regular
expression
was
matched
by
hitting
a
solidus
and
looking
you
know,
forward-looking
base,
look
Ahead's
logic,
which
is
flawed,
two
parts
JavaScript,
but
not
flawed
too.
Maybe
you
know
just
syntax
highlight
or
something
in
many
cases,
so
so
in
this
approach.
D
Obviously
the
that
the
the
selling
point
of
this
is
that
it's
extremely
fast,
it's
very
flawed,
but
you
know
you
can
optimize
it,
and
you
know
you
can
run
through
this
entire
length
in
in
you
know
time
that
it's
you
know
so
so
if
that
works
for
you,
you
know
well
and
good,
but
I.
Don't
think
that
should
be
a
good
way
to
parse
anything.
A
Right
for
SES
purposes,
something
like
a
you
know
like
this
parser
in
terms
of
its
output,
would
be
very
useful
because,
except
for
imports
and
exports,
the
way
we
want
to
do
modules
leaves
all
of
the
other
text
literally
as
is,
and
it
doesn't
need
to
be
parsed.
So
that's
that's
very
attractive
about
this
approach.
Yeah,
but
for
SES
purposes.
The
the
the
code
that
we're
parsing
is
written
by
the
adversary.
Exactly
so,
we
have
to
have
an
accurate
parser.
We
cannot
have
imprecision
of
the
parser
yeah.
D
Sorry
yeah,
I,
just
I,
was
just
agreeing
yeah,
so
so
I
thought.
Okay,
maybe
I
could
play
around
with
this
idea
of
like
putting
like
functions
inside
up
like
regular
expressions
and
and
template
literals.
You
know
being
the
closest
thing
and
you
know,
I
I
just
went
ahead
with
it,
and
you
also
pointed
me
towards
Tim
Desmond's
yeah.
C
A
Only
additional
token,
the
only
additional
lexical
concern
that
I'm
aware
of
that
that
it
was
introduced
after
es5.
These
template
literals
themselves,
where
you
have
taken
care
to
do
bracket
matching,
you
know
count
the
clothes
identify,
real
clothes
car
lays
and
count
the
clothes
Curly's
if
you're
in
a
substitution
hole
within
a
template
literal.
So
you
know
you've
completed
the
substitution
hole
and
you're
back
in
the
in
the
literal
part
of
the
template.
Yeah
think
that's
the
only
additional
and
flexing
concern.
True.
D
So
if
it's,
you
know,
if
you're
looking
ahead
to
determine
if
you
started
in
the
right
spot,
then
you're
doing
something
wrong.
So
the
only
flaw
in
my
initial
design,
which
is
super
fast,
is
that
you
can.
You
can
hijack
it
by
just
throwing
closers
in
what
would
appear
to
me
as
a
regular
expression
when
it's
not
and
that
that's
that's,
obviously,
but
but
but
being
able
to
close
an
open
contexts.
D
A
Let
me,
let
me
make
sure
I
understand
what
problem
you're
solving
your.
Are
you
trying
to
be
a
procuring
parser,
or
are
you
still
trying
to
just
sort
of
get
close
for
non-adversarial
code,
but
your
but
I
mean
so
yeah?
This
is
the
question.
Are
you
trying
to
solve
the
other,
the
parsing
of
adversarial
code,
examples
problem
or
argue,
I'm.
D
Trying
to,
depending
on
first
off
I'm,
trying
to
close
doors
where
people
can
can
can
find
an
inconsistent
trait
of
the
parsing
approach
and
use
that.
So
yes,
if
I
miss,
identify
a
regular
expression.
That
means
that
that
the
the
with
the
basic
design
and
itself
is
flawed.
So
so
I
only
need
the
tokenizer
to
close
the
door
of
potentially,
you
know
masquerading
syntax,
but
you
know
because
I'm
going
to
assume
it's
a
regular
expression,
I'm
not
going
to
count
it
or
something
like
that.
I.
D
A
D
So
so
what
what
I'm
trying
to
say
is
I'm
not
trying
to
catch
every
single
trick.
You
would
you
would
put
in
code
as
if
I
was
the
runtime,
but
anything
that
would
affect
my
judgment
on
whether
or
not
I
should
be
changing.
Aren't
import
references
here
then.
Yes,
that
that
I
definitely
have
to
know
enough
to
mutate
code
as
needed
without
okay.
A
If
you
don't
tokenize
accurately,
then
you
don't
know
when
you
see
the
string
import
inside
a
comment.
Am
I
inside
or
literal
string
or
is
this
or
am
I
outside
those
things,
and
this
is
a
genuine
import,
keyword,
yeah
and
and
as
soon
as
you
get
out
of
sync
about
whether
you're
inside
a
literal
string
or
outside
a
literal
string,
mm-hmm
and
everything
else
that
you
analyze
is,
you
know
maliciously
constructed
nonsense?
D
I
definitely
want
to
tokenize
accurately,
and
in
order
to
do
that
there,
the
one
part
that
cannot
be
tokenized
accurately
without
without
some
contextual
knowledge
of
syntax
is
the
solidus
everything
else
you
can
match.
You
could
very
very
easily
not
fall
into
an
escaped
spring
trick.
You
could
very
with
a
regular
expression
that
that
just
uses
very,
very
little
complexity.
D
Es5
strings
are
very,
very
easy
to
safeguard
against
what
is
not
easy
to
safeguard
against
this
template
literal,
because
it
definitely
does
create
a
picture
inside
a
picture
kind
of
complexity,
their
regular
expressions
alone.
Don't
don't
help
tokenizing
template
literal
is
straightforward,
so
the
only
thing
that
was
left
that
wasn't
that
required,
parser
knowledge
of
of
your
syntax.
Some
of
your
syntax
is
the
solidus,
and
so
so
so
in
terms
of
tokenizing
accurately.
Unfortunately,
for
JavaScript,
you
need
a
little
bit
beyond
just
the
pure
tokenization,
but
rather
some
lexical.
D
You
know
like
some
additional
knowledge
of
the
syntax
itself
and
and
I
think
what
I'm
trying
to
do
is
I'm
trying
to
say.
Well,
you
can't
you
can't
say
that
the
two
options
are
either
your
parser
free
like
there.
There
isn't
any
kind
of
parsing
effort
being
done
or
you're
a
full
ASP
solution
that
has
to
generate
the
full
tree
in
order
for
it
to
make
sense
of
any
node
and
I'm
trying
to
find
the
middle
ground
between
the
two.
Basically.
A
D
A
So
if
I
remember
ten
Disney's
approach
in
order
to
figure
out
how
to
interpret
a
solidus,
he
kept
as
contexts
as
context,
a
few
tokens
behind
in
sort
of
in
in
memories,
as
so
to
speak.
Yes,
look
back
at
them
to
determine
enough
lexical
context,
information
to
understand
how
to
parse
how
to
tokenize,
rather
how
to
process
a
solidus
when
he
came
across
it.
D
And
and
the
thing
about
his
approach,
though,
is
it
was
written
for
es5,
yeah
and
since
es5
a
number
of
complexities
changed
so
III
took
I
took
his
you
know,
I
was
inspired
by
his
approach
of
figuring,
Salafist,
right
and
I
said.
Okay,
we
tried
to
he
tried
to
figure
your
regular
expressions.
All
of
us
I
I
instead
thought.
D
Okay,
when
when
can
you
divide
because
really
division
is
a
mathematical
concept
that
has
you
know
been
there
for
like
ages
and
it's
been
refined
and
nobody
defines
that
divides
nothing
over
something
like
not
not
like
not
the
symbol
for
nothing
but
rather
absolute
vacuum.
You
don't
start
any
mathematical
thing
by
saying
divide,
and
then
you
know
he
continued
formula.
So
so
that
would
mean
that
dividing
in
the
start
of
us,
an
expression
is
always
a
regular
expression.
D
Brace
occurs
before
a
solidus.
This
is
where
logic
needs
to
look
a
little
bit
behind,
so
what
he
did
is
he
said
that
when
I
look
behind
one
or
two
tokens
I'm,
not
literally
looking
one
or
two
scanner
tokens
but
I'm,
saying
that
this
curly
brace
can
contain.
You
know
a
thousand
lines
of
code,
but
it
is,
it
is
the
opener
and
the
closer
and
everything
in
between
that
are
a
token
in
his
MO.
D
Oh
no,
no,
no,
like,
like
he
literally
uses
a
curly
brace
triple
dot,
curly,
brace
to
indicate
that
whatever
you
put
inside
that
curly
brace
is
considered
to
be
a
different
plane.
You
know
that
that
plane
is
separate
from
your
plate.
So
so
let
me,
let
me
try
to
elaborate
a
function.
Declaration
can
have
a
body
can
have
arguments,
but
it
ends
with
with
a
curl.
D
What
he's
saying
is
that?
Because
we
know
this
closing
curly
is
for
a
function
declaration.
We
know
that
anything
that
falls
on
the
same
line
will
have
an
an
ASI
kind
of
semicolon.
So
it's
like
you're
spreading
a
new
sentence
on
a
new
line.
Are
you
thinking
on
you
mind?
So
so
so
you
cannot
really
divide
empty
by
something.
So
it's
a
regular
expression.
However,
if
that
was
an
and
and
note
I'm
keeping
fixed
knees
here
until
I
find
the
best
the
best
place
to
add
more
logic
into
this,
the
curly
brace
of
an
object.
D
Literal,
if
you
know
it
is
wood,
should
be
a
divide,
because
an
object,
literal
is
as
something
it's
not
a
nothing,
and
that
means
that
the
solid
is
following
an
object.
Literal
is
always
going
to
be
a
divide
and
which
I
don't
I,
don't
get
right.
You
know
with
my
very
very
early
implementation,
one
it's
not
the
full
thing,
but
also
if
your
function
is
not
a
declaration
but
an
expression.
D
So
so
from
from
his
standpoint,
he
wasn't
really
talking
about
like
one
or
two
independent
things
that
you
would
call
productions
or
so
on
in
in
vehicle
script
spec,
but
rather
abstractions
of
you
know.
This
is
the
function
body.
It's
a
token
I
closed
everything
that
opens
in
it
and
it
ends
and
I
know
that
this
matches
that
one,
so
anything
that
goes
in
the
middle
of
the
body
is
triple
dot.
Okay,.
D
Yeah,
you
have
to
lock
it.
You
can't
not
walk
the
body.
Okay,
but
yeah
like
so
an
invalid
number
of
openers
and
closers
or
the
limiters
and
an
unmatched.
The
limiter
will
mean
that
this
is
the
wrong
curly,
brace,
theoretically
right,
but
eventually
there
was.
You
know
if
there's
a
mismatch.
There,
that's
a
different
problem
due
to
to
work
on
you
know
and,
and
that
problem
I've
already
handled
I,
just
depending
on
the
context.
How
do
you
want
to
handle
mismatches?
D
A
D
So
so
I
don't
I,
write
semicolons
in
a
very,
very
like
I've,
always
done
it.
The
same
way
and
I
honestly
did
not
explore
asi
I'm
us
in
cases
where
I
know
it
affects
the
solidus
and
I.
Consider
ASI
problems
to
be
my
next
stop
if
they
are
substantial,
I'm,
not
doing
an
ast
parse,
which
means
that
in
many
places
where
a
semicolon
will
not
attend
to
solve
this,
it's
absurd
presence
is
not
a
problem
until
it's
actually.
A
A
D
A
D
I
noted
that
I
did
that
relative
to
the
solidus,
the
only
the
only
ASI
I
paid
attention
to
very
very
clearly
in
my
in
my
in
my
tests.
So
far
you
know
my
exploration
so
forth
was
ASIS
that
that
that
interact
with
assaults
I
did
not
worry
about
a
sighs
elsewhere.
That's
that's!
That's
what
I
did
right
so
so
notice
of
my
comments
here.
I
did
say
that
every
time
there's
a
keyword.
D
What
follows
that
is
literally
regular
expression,
even
if
an
ASI
happened.
The
fact
that
there
is
a
key
word
means
what
follows
it
is
the
beginning
of
a
new
kind
of
you
know,
sub
expression
or
expression,
or
you
know
it's
not
a
continuation
of
the
expression,
so
any
keyword
does
that
even
an
invalid
one
and
the
other
so
ASIS,
where
keywords
are
concerned,
are
not
a
big
issue.
I'm
already
saying
that
a
function
declaration
assumes
an
ASI,
so
I
make
the
assumption
that
this
curly
brace
will.
D
D
A
C
D
So
at
this
point
back
back
to
where
we're
saying
we're
going
to
know
what
starts
a
curly
brace,
we
will
also
you
know
in
that
logic
being
implemented.
You
know
it's
it's!
My
next
stop
I'm
going
to
know
if,
in
that,
curly
brace
the
occurrence
of
a
weight
is
a
keyword
or
not,
and
at
that
case
I
will
either
tokenize
it
as
a
keyword
or
an
identifier,
I
I,
just
the
abstract,
the
a
clean
abstract
way
to
keep
that
knowledge
before
we
start
a
curly
brace
is,
is
what
I'm
exploring
at
this
one.
D
So
you're
absolutely
right.
If
this
was
an
identifier,
then
you
know
this
expression
right
here
would
have
been
a
divide,
not
a
red,
regular
expression,
so
so
so
yeah.
So
definitely
there.
There
is
more
to
glow
from
you
know,
starting
starting
from
here,
but
it
all
seems
to
relate
directly
just
to
curly
braces
yeah.
A
D
Okay,
you
only
can
know
that
when
you,
when
you
open
the
curly
brace
that
in
which
in
a
weight
of
curs
of
the
function
in
which
and
a
weight
will
occur,
so
you
have
to
note
if
that
function
was
an
async
function
or
not
okay
or
a
generator.
Where
yield
will
her
you
know.
So
these
are
all
stateful
aspects
that
that
you
need
a
little
bit
more
than
just
tokenizing
to
marry
who
to
be
aware
of
okay
and
what
I'm
exploring
to
actually
work.
You
know
as
an
abstraction
to
work.
D
A
Just
interject
that,
with
this
example
of
wait,
what
I
said
earlier
is
clearly
wrong
when
I
said
that
the
only
new
tokenizing
issue
was
the
you
know,
since
es5
was
template,
literals
I
completely
forgot
about
things
like
how
parameterised
purse
first
Productions
effect.
Lexing,
that's
really
pretty
disturbing.
A
D
Five
yeah
so
so
I'm
exploring
this
idea
of
constructs
that
you
could
potentially
say
that
you
have
a
little
bit
of
a
like,
like
a
tokenizer
with
it,
with
a
little
bit
of
a
character
right.
It
knows
a
little
bit
more
than
it
needs
to,
and-
and
it
basically
takes
things
of
the
atmospheric
grammar,
not
the
whole
production,
but
rather
more
than
one
thing
that
starts
with
a
concrete
or
or
invariant
thing.
You
know
something
you
cannot
confuse
and
and
things
that
follow
it
so
with
constructs.
D
One
example
here
is
that
this
has
three
constructs
the
first
one
being
the
export
appearing
as
a
keyword
where
it
would
be
a
valid
construct.
Ie,
it's
it's,
the
it's
not
within
any
closures,
and
you
know
it's
a
module
source
once
that
construct
is,
you
know,
known
to
actually
be
exactly
what
you
think
it
is
it's
a
declaration
for
export,
then
you
could
say
well
another
construct
that
could
follow.
D
That
is
when
a
star
thought
that
separates
it
from
as
and
stuff
that
separates
it
from
identifiers
occur
and
that
on
their
own
there
are
a
construct.
According
to
you,
the
spec.
Today,
this
together
is
not
about
like
this
statement
is
not
done
according
to
the
spec
today,
tomorrow,
it's
actually
valid.
D
So
a
third,
a
third
construct
in
this
is
the
from
flaws.
A
from
clause
can
only
occur
when
you
have
import
and
foreign
export
declaration
with
something
not
just
you
know,
import
followed
by
from
clause,
and
then
a
from
clause
can
occur
so
I'm
trying
to
think
of
instead
of
a
it's
easier,
just
saying
that
you're
going
to
find
a
way
to
abstract
away
the
noise
and
look
at
at
sub-expressions
and
and
they
are
called
construct.
D
You
know
potentially
white
spaces,
commas,
what
whatever
can
be
in
between
so
so
you
know
it's,
it's
a
very,
very
it's
an
idea.
I've
been
exploring
on
different
fronts,
but
it's
starting
to
take
shape.
So
when
we
are
tokenizing,
we
can
keep
track
of
what
we
are.
What
construct
is
is
is
happening
and
a
construct
is
not
a
validity
clause
or
a
rule
for
validity,
but
rather,
if
a
construct
is
realized,
you
know
you
can
see
that
this
is
the
construct.
Then
you
could
address
that
construct
in
a
valid
way.
D
D
So
my
constructs,
you
know
they
they
kind
of
look
a
little
bit
like
the
documentation,
but
clearly
with
a
construct
you
can
know
from
so
it's
kind
of
like,
like
the
you
know,
one
or
more
token
build
up
this
construct,
and
once
that
is
done,
I
can
look.
You
know
the
construct
can
say
what
follows
me
has
an
effect
in
in
this.
In
this
view,
an
async
function
will
be
a
construct
that
will
effect
the
curly
brace
of
the
function
body
that
follows,
and
it
is
somewhat
a
tokenizer
level.
D
D
C
D
A
C
A
C
C
C
A
A
C
Becomes
ambiguous
in
the
body
so
in
in
this
context,
we
are
following
it
with
what
is
what
is
either
an
argument
list
or
a
parameter
list,
and
we
don't
know
until
we
see
the
token
that
follows
it
here,
it's
being
invoked
as
a
function
and
compared
to
zero,
and
here
it
is
being
interpreted
as
a
function.
That
is.
D
A
C
D
D
D
C
D
D
A
construct
its
it's
not
a
look
ahead
because
a
construct
only
says
a
sink
is
a
key
word
if
there's
a
fat
arrow
or
a
curly,
brace,
but
but
curly,
brace
where
this
would
have
been
inside
a
curly
brace
as
in
this
was
a
method.
So
if
the
keyword
function
occurred
after
a
sink,
it's
it's
the
beginning
of
the
construct.
If
a
sink
occurred,
curly
braces
and
Tim
Disney
says
everything
inside
that.
That
round
brace
sorry
is
considered
one
token.
D
Obviously
it
takes
parsing
in
all
of
it
like
tokenization,
but
one
once
you
balance
that
round
bracket
a
construct
of
an
async
arrow
function
is
only
that
when
it
has
the
fat
arrow.
So
so
what
I'm
saying
is
tokenizing
this
literal
like
one
off
tokens,
is
not
enough
parsing
it
all.
The
way
is
too
much
saying
a
construct
occurs
when
the
fat
arrow
fulfills,
that
this
is
an
async
keyword,
is
the
middle
ground
between
parsing
and
tokenization.
D
C
D
Yeah,
because
round
brackets
are
very,
very
natural
in
math
right,
so
I
think
whoever
thought
about
this
and-
and
you
know
there
are
so
many
people
before
it-
you
put
stuff
in
the
spec.
So
so
I'm
talking
you
know
in
general
people
who
have
thought
about
the
syntax
to
affect
solidus.
You
know
the
way
we
perceive
it
now.
D
A
D
They
thought
about
the,
but
where
you
need
to
write
where
you
need
the
colon
you
know
standard
or
it's
error,
semi
standard
with
prettier,
so
I
think
when
they
found
themselves
fighting
all
the
time.
They
just
said
that
they
you,
the
reasonable
human
thing
to
do
here,
is
to
introduce
a
si
so
that
people
don't
have
this
kind
of
argument.
Every
time
they
talk
dollars.
Great.
A
A
I
mean
we
probably
could
have
just
asked
Brendan.
Excuse
me,
but
Brendan
is
very,
very
good
about
remembering
reasons
for
everything
never
ever
gets
defensive.
It's
really
extraordinary
how
he
just
never
ever
gets
defensive
ever
feels
like
he
needs
to.
You
know
to
justify
or
defend
some
old
decision
that
he
made
it's
just
very,
very
clear-eyed
and
actual
about
the
history.
D
C
D
Don't
don't
assume
because
you
see
a
potential
keyword
that
signifies
a
potential
goal
that
you
are
in
that
goal?
Don't
make
this
kind
of
assumption,
because
because
some
people
say
to
disambiguate
modules
and
in
node.js,
for
instance,
being
common,
j/s
or
atmosphere
just
look
for
module
exports
and
you
know
there
are
so
many
ways
you
can
go
wrong
with
that
yeah
you
know
or
make
sure
there's
module
es
module
syntax
in
there
and
then
it
cannot
be
com
jeaious.
Well,
not
if
I
don't
know
what
I'm
doing
you
know
well,
yeah.
C
That
so
those
are
the
ambiguous
cases
and
I
would
it
would?
It
would
be
fair
for
you
to
have
any
kind
of
consumer
of
source
text
that
accepted
a
goal
of
our
school
and
had
some
configuration
whether
it
was
the
default
or
not,
that
it
would
switch
to
a
different
goal
when
it
encountered
something
in
the
text
indicating
that
it
should
switch
yeah.
D
C
C
C
C
C
D
So
so
I
really
appreciate
you
know
this,
like
you,
definitely
given
me
a
far
less
abstract.
You
know,
approach
to
you
know
philosophically
address
a
few
of
the
issues
I'm
having
so,
but
definitely
this
idea
of
yield
without
indication
of
generator,
whether
it's
configured
configuration
or
literally,
because
it
is
the
code
defaulting
to
the
fact
that
you
know
yes,
so
yeah.
Thank
you
so
much
for
that.
A
A
D
A
As
far
as
I
know,
all
parsers
actually
do
recognize
HTML
comments.
Although
I
need
to
ask
the
jxs
guys,
what
do
they
do?
I
got
know
if
they
did,
but
if
all
of
the
other
ones
do
and
XS
is
the
only
one
that
does
not
I'm
still
going
to
recommend
that
HTML
comments
this
this
thing,
that's
just
incredibly
ugly,
that
I
wish
I
could
get
rid
of
it's
like
since
I
can't
get
rid
of
it.
A
D
So
I
I
have
one
question
for
you,
because
I've
been
trying
to
make
heads
and
tails
like.
Obviously
this
was
inspect
according
to
how
it
already
behaved
when
somebody
made
it
work
for
some
reason:
yep
right
so
but
but
I
I,
look
at
it
and
I
tell
myself
like
I.
If
it
is
a
multi-line,
then
it
should
be
literally.
It
should
follow
the
same
rules
as
the
multi-line
comment
and
if.
C
D
A
A
Acorn
acorn
assumed
that
it
was
multi-line
than
it
is
not,
and
the
result
was
that
somebody
was
able
to
do
a
security
attack
against
kaha
because
of
that,
so
whatever
the
current
behavior
is,
if
it's
Universal,
the
only
thing
we
can
do
is
to
the
only
option
we
have
is
to
change
it
from
optional
to
mandatory.
We
cannot
change
how
it
works.
D
A
A
D
A
D
C
D
A
C
A
D
D
A
So
changes
to
the
wording
to
make
things
clearer
without
making
them
any
less
precise
yeah
any
any
such
you
know
rewording
you
should
just
submit
as
a
pull
request.
People
have
been
doing
that
they've
generally
gotten
accepted.
If
there's
nothing
controversial
about
them,
people
always
appreciate
an
improvement
in
the
wording.