Today we're excited to share that StackBlitz is now an official member of the Bytecode Alliance. This amazing rank of organizations is working together to create a faster, secure-by-default future for computing that leverages decades of experience doing so inside web browsers.

WebAssembly plays a key role in enabling this new future, and the Bytecode Alliance is tackling some of the greatest challenges to unlock widespread adoption of WebAssembly both inside and outside of browsers. Their work to date includes new standards such as the WebAssembly System Interface (WASI) and popular ecosystem tooling like wasmtime or wit-bindgen.

Lin Clark's must-read post announcing the Bytecode Alliance offers a deep dive into the current security issues software toolchains face and the motivations and guiding principles of how the Bytecode Alliance aims to solve them. This quote captures it well:

Together, we're putting in solid, secure foundations that can make it safe to use untrusted code, no matter where you're running it — whether on the cloud, natively on someone's desktop, or even on a tiny IoT device.

With this, developers can be as productive as they are today, using open source in the same way, but without putting their users at risk.

Why we're joining Permalink

StackBlitz shares this same vision for secure WebAssembly-based computing. When we set out to build WebContainers, our WebAssembly-powered containerization technology, it was clear to us that something special was happening with WebAssembly and a different type of future was being unlocked. Millions of developers now use WebContainer environments on StackBlitz.com every month, but still, much remains to be done to bring this technology to all computing environments.

Being a part of this cross-industry partnership is enabling us to bring WebContainers more rapidly to all devices, languages, platforms, and runtimes. Permalink

In fact, we've already made progress in the short time since we joined:

How we plan to contribute Permalink

We are standing on the shoulders of giants in the Bytecode Alliance who have been incredibly supportive of our mission and its execution. In turn, we also want to contribute, and we are uniquely able to do so in the following ways:

1. Help tighten the feedback loop for standards and implementors Permalink

The largest stress tests of computing platforms are often video games and IDEs. Both of these application types require API surfaces that only the most powerful, mature, and robust platforms can provide and thus, serve as a good "north star" for which platform vendors strive.

This is actually where WebAssembly originated. In the early 2010's, Mozilla wanted to expand the web's capabilities to enable desktop grade applications and started up their games program. In this article from IEEE, Luke Wagner explains their motivations:

"The thinking from team leader Martin Best of Mozilla was this: If we could make games run well on the Web, other computationally intensive applications would soon follow."

Their work in this regard was wildly successful and ultimately led them to invent emscripten, asm.js, and then WebAssembly itself. In turn, these technologies have now enabled video games to run inside browsers and also unlocked new productivity tools that made rich editing possible for graphics, videos, documents, and more.

However, IDEs pose additional sets of challenges beyond what games require such as some level of environment virtualization to enable developers to build the platform using the platform. This is a key stress test, and it's why our work on WebContainers is unique in how it pushes the absolute limits of what WebAssembly and browser engines can do. This also means we're often the first to run into critical platform bugs and limitations. Some examples of this include:

The faster these types of issues are identified and addressed, the faster our industry can unlock this new future. With millions of developers pushing the cutting edge of WebAssembly and browser engines on StackBlitz.com every month, we are uniquely positioned to help close this feedback loop and enable new types of computationally intensive applications to exist on the web.

2. Help the web ecosystem adopt WebAssembly and secure supply chains Permalink

We want secure WebAssembly-based environments to proliferate everywhere, without developers needing to rewrite their software. This can only be possible if the transition for developers is seamless and provides a better experience than native binaries. In general, this is StackBlitz's guiding product philosophy: everything must be faster and more secure, by default.

Additionally, with the increase of npm supply chain attacks, JavaScript toolchains need to increase security posture. StackBlitz is one of the leaders in this area and we are committed to providing developers with the fastest and most secure environments, as well as upstreaming our knowledge and work to benefit the entire web ecosystem. Some examples of this include:

This is just the beginning of our work in these areas and we are excited to share the breakthroughs and capabilities we have been working on over the coming months.

The future of computing Permalink

We are grateful to be a part of the Bytecode Alliance and excited to help make our shared vision a reality. If all goes as planned, this fourth decade of the web may be on the brink of getting really crazy, really fast.

StackBlitz joins the Bytecode Alliance

You can learn more about the Bytecode Alliance and ways to get involved over at bytecodealliance.org.

Eric Simons

CEO at StackBlitz making web development fast & secure. Viva la Web!

Recent Posts