This (appears as though it) all could have happened half a decade ago had the interface-types people not abandoned[1,2] their initial problem statement of WebIDL support in WebAssembly in favour of building Yet Another IDL while declaring[3] the lack of DOM access a non-issue. (I understand the market realities that led to this, I think. This wasn’t a whim or pure NIH. Yet I still cannot help but lament the lost time.)

Better late than never I guess.

[1] https://github.com/WebAssembly/interface-types/commit/f8ba0d...

[2] https://wingolog.org/archives/2023/10/19/requiem-for-a-strin...

[3] https://queue.acm.org/detail.cfm?id=3746174

  1. Support non-Web API's
  2. Support limited cross language interop

The WASM cliff is very real. Every time I go to use it, because of the complexity of the tool chain and process of going from zero to anything at all, I feel like I'm already paying a cognitive tax. I worry that I should update my tooling, look into the latest and greatest, understand the tooling better, etc... It would be incredible to see that improved.

The difference in perf without glue is crazy. But not surprising at all. This is one of the things I almost always warn people about, because it's such a glaring foot gun when trying to do cool stuff with WASM.

The thing with components that might be addressed (maybe I missed it) is how we'd avoid introducing new complexity with them. Looking through the various examples of implementing them with different languages, I get a little spooked by how messy I can see this becoming. Given that these are early days and there's no clearly defined standard, I guess it's fair that things aren't tightened up yet.

The go example (https://component-model.bytecodealliance.org/language-suppor...) is kind of insane once you generate the files. For the consumer the experience should be better, but as a component developer, I'd hope the tooling and outputs were eventually far easier to reason about. And this is a happy path, without any kind of DOM glue or interaction with Web APIs. How complex will that get?

I suppose I could sum up the concern as shifting complexity rather than eliminating it.

I love WebAssembly components and that's great progress. But I feel like everyone is missing a golden opportunity here to take apart the giant OS-sized web API and break some of it out into smaller standard or subscribable subsets that also don't try to mix information presentation and applications in a forced way.

Example subsets:

- (mainly textual) information sharing

- media sharing

- application sharing with, small standard interface like WASI 2 or better yet including some graphics

- complex application sharing with networking

Smaller subsets of the giant web API would make for a better security situation and most importantly make it feasible for small groups to build out "browser" alternatives for information sharing, media or application sharing.

This is likely to not be pursued though because the extreme size of the web API (and CSS etc.) is one of the main things that protects browser monopolies.

Even further, create a standard webassembly registry and maybe allow people to easily combine components without necessarily implementing full subsets.

Do webassembly components track all of their dependencies? Will they assume some giant monolithic API like the DOM will be available?

What you're doing is essentially creating a distributed operating system definition (which is what the web essentially is). It can be designed in such a way that people can create clients for it without implementing massive APIs themselves.

The phrase "first-class" matters here because most developers do not reject a platform over peak performance, they reject it over friction. If the happy path still requires language-specific glue, generated shims, and a mental model of two runtimes, then WebAssembly remains something you reach for only when the pain is already extreme.

What would really change perception is not just better benchmarks, but making the boring path easy: compile with the normal toolchain, import a Web API naturally, and not have to become a part-time binding engineer to build an ordinary web app.

This was supposed to happen already in the 2000s. JVM in everywhere, especially in the browser. There was Java rings you could wear, Java Card VM (JCVM), Squawk VM, Java ME.

"Java the language is almost irrelevant. It's the design of the Java Virtual Machine. And I've seen compilers for ML, compilers for Scheme, compilers for Ada, and they all work. Not many people use them, but it doesn't matter: they all work." --James Gosling

Then Microsoft happened. MS realized that "Write Once, Run Anywhere" kills their OS monopoly, so they polluted Java with brilliant Embrace, Extend, Extinguish strategy (Sun vs. Microsoft revealed the emails where the stated goal was "Kill cross-platform Java" by growing the "polluted" Java market.):

Embrace: Microsoft licensed Java from Sun Microsystems and built the MSJVM. It was the fastest JVM for some time.

Extend: They created a programmer tool for Java with proprietary Windows-specific "extensions" and also removed standard features like RMI and JNI.

Extinguish: Developers using MS tools (90% of devlopers at the time) produced "Write Once, Run Only on Windows" software and killed it and pivoted to C# and .NET

If you’d like to get acquainted with modern WebAssembly, check out the component model book:

https://component-model.bytecodealliance.org/

It includes high level concepts, practical code samples and more that introduce the really powerful parts of WebAssembly.

With regards to the JS ecosystem specifically there are 3 projects to know:

https://github.com/bytecodealliance/StarlingMonkey

https://github.com/bytecodealliance/ComponentizeJS

https://github.com/bytecodealliance/jco

The most mature tool chain right now is Rust, but there is good support for most things with LLVM underneath (C/C++ via clang). Golang, python and support for other languages is getting better and better (tinygo and big go) and there’s even more to come.

One of the goals of WebAssembly is to melt right into your local $TOOLCHAIN as a compilation target, and we are getting closer every week.

    > be me
    > build a webassembly core module
    > give it to someone
    > they ask what imports it needs
    > they ask how to run it
    > they ask how to provide high level types to it

    > be me
    > write an IDL (WIT[0]) interface which specifies what the component should do
    > write the webassembly component

Not only are they a decade late while everyone expected WASM to liberate us from JS, and it ended up being a useless toy in JS whose improvements would have been crushed by having to send all progress to JS to apply it, but then giving it access to DOM is also something you'll realize wasn't enough a decade later. Flutter doesn't need DOM; it has all of its own engine. The browser should give the whole viewpoint to the WASM so that apps can directly implement their own GUIs. And then there will be an app revolution. You can directly port your GUI to the web and have it work. No more your GUI as a WASM worker that has to have its frames painted by JS on a canvas; direct painting. You could have wxWidgets, GTK, Flutter, ... all working insanely fast, insanely beautiful. And then people can do amazing things. Imagine a web alternative that is powered by maestro Knuth's TeX; imagine operating systems as web pages, imagine alternative layout systems that do not have to rely on Web events and frame timing. That is all if the browser allows for WASM to bypass the web part and do it itself.

It's still not a great idea IMHO ;)

(there was also some more recent discussion in here: https://news.ycombinator.com/item?id=47295837)

E.g. it feels like a lot of over-engineering just to get 2x faster string marshalling, and this is only important for exactly one use case: for creating a 1:1 mapping of the DOM API to WASM. Most other web APIs are by far not as 'granular' and string heavy as the DOM.

E.g. if I mainly work with web APIs like WebGL2, WebGPU or WebAudio I seriously doubt that the component model approach will cause a 2x speedup, the time spent in the JS shim is already negligible compared to the time spent inside the API implementations, and I don't see how the component model can help with the actually serious problems (like WebGPU mapping GPU buffers into separate ArrayBuffer objects which need to be copied in and out of the WASM heap).

It would be nice to see some benchmarks for WebGL2 and WebGPU with tens-of-thousands of draw calls, I seriously doubt there will be any significant speedup.

This article perfectly captures the frustration of the "WebAssembly wall." Writing and maintaining the JS glue code—or relying on opaque generation tools—feels like a massive step backward when you just want to ship a performant module.

The 45% overhead reduction in the Dodrio experiment by skipping the JS glue is massive. But I'm curious about the memory management implications of the WebAssembly Component Model when interacting directly with Web APIs like the DOM.

If a Wasm Component bypasses JS entirely to manipulate the DOM, how does the garbage collection boundary work? Does the Component Model rely on the recently added Wasm GC proposal to keep DOM references alive, or does it still implicitly trigger the JS engine's garbage collector under the hood?

Really excited to see this standardize so we can finally treat Wasm as a true first-class citizen.

Every new standard today doesn't care about being clean and simple to use. They all maximize the JS boilerplate needed to make a basic example work. Everything is designed today for 'engineers' and not 'authors' without any friendly default workflow. I'm glad they still care about this.

The web is fascinating: we started with a seemingly insane proposition that we could let anyone run complex programs on your machine without causing profound security issues. And it turned out that this was insane: we endured 20 years of serious browser security bugs caused chiefly by JavaScript. I'm not saying it wasn't worth it, but it was also crazy.

And now that we're getting close to have the right design principles and mitigations in place and 0-days in JS engines are getting expensive and rare... we're set on ripping it all out and replacing it with a new and even riskier execution paradigm.

I'm not mad, it's kind of beautiful.

At a high level this sounds great. But looking into the details about how the component model will be implemented, it looks very complicated due to concurrency:

https://github.com/WebAssembly/component-model/blob/main/des...

This is the right direction. Another important bit I think it’s the GC integration. Many languages such Go, C# don’t do well on wasm due the GC. They have to ship a GC as well due the lack of various GC features(I.e interior pointers)

Nice to see momentum here. Even outside of direct access to WebAPIs, having the ability to specify interfaces for WASM modules is a big deal, and unlocks all sort of cool options, like sandboxed WASM plugins for native apps...

I feel like the bottleneck for WASM integration isn't WASM itself but rather how to interface with it.

Quite often it comes with a mandatory service worker which has to be communicated to in a specific fashion, then some specific headers need to be available server side, etc. I'm not saying it's not required but ... I imagine most Web developer are used to requiring a library, calling its function, getting the result. Until it reaches that stage then JavaScript fallbacks will be preferred until there is absolutely no alternative but the WASM binary.

PS: this might sound like such a low bar... but the alternative is giving up entirely on either, starting a container with a REST API then calling it with a client. That's very easy and convenient when you've done it once and you decouple. So maybe I'm finicky but when very popular alternatives exist I believe the tipping point won't happen unless it becomes radically easier than what exists.

I don't use WASM as a replacement for JS. I never have a need to manipulate DOM, etc from WASM. JS is perfectly fine and performant for those purposes.

As I see it, WASM is used to augment the JS/WebAPI ecosystem. For example, when you need to do heavy bit manipulation, complex numerical processing. The round-trip JS->WASM->JS is an overhead. So the WASM modules should perform a substantial amount of processing to offset that inefficiency.

I frequently find that V8 optimisations yield sufficient performance without needing to delve into WASM.

IMHO if you want to write WebApps in Rust, you're holding it wrong.

Say goodbye to writing multiple kinds of plugins and userscripts for random websites I guess. I don't want the transition to wasm because it looks like it will make most things unchangeable binary blobs

I'd really like to be able to run _any_ language in the browser. WASM is a great first step.

I agree with the direction, but it seems to miss the golden hour. This concept should have been on the roadmap at least several years ago. After all, in most use cases, execution speed is not the main issue with JavaScript.

I believe that the need for JavaScript glue code has significantly hindered the appeal and interest in WASM, as well as the resulting ecosystem growth.

The web doesn't work without dynamic feature detection. I couldn't find anything in the component model about how this is expected to work.

The DOM is not a static interface, it changes both across browsers based on implemention status and also based on features enabled on a per page load basis.

The multi browser ecosystem also mainly works because of polyfills.

It's not clear how to polyfill random methods on a WIT interface or how to detect at runtime which methods exist.

OTOH the JS bridge layer we use today means you can load JS side polyfills and get wasm that's portable across browsers with no modifications. There's more to the ecosystem than just performance.

I think WASM's real problem is language fragmentation. For 3D apps, C++ makes sense. But Go and other GC languages don't perform well on WASM - they implemented their own GC anyway. And honestly, I don't see the advantage of writing web apps in Rust over JS. The ecosystem, tooling, and debugging are all better with JS.

This is a great step, if only because it enforces more convention for the "right" way to do things by providing a simpler mechanism for this.

WRT WebAssembly Components though, I do wish they'd have gone with a different name, as its definition becomes cloudy when Web Components exist, which have a very different purpose. Group naming for open source is unfortunately, very hard. Everyone has different usages of words and understanding of the wider terms being used, so this kind of overlap happens often.

I'd be curious if this will get better with LLM overseers of specs, who have wider view of the overall ecosystem.

The WASM component model is really cool in that you can export basically anything as a component and use it in basically anything else that can compile to WASM and understand components.

I would love something like this for native applications; I'm so tired having to wear C's skin every time I want to do bind together code written in different languages.

> Thankfully, there is the esm-integration proposal, which is already implemented in bundlers today and which we are actively implementing in Firefox.

From the code sample, it looks like this proposal also lets you load WASM code synchronously. If so, that would address one issue I've run into when trying to replace JS code with WASM: the ability to load and run code synchronously, during page load. Currently WASM code can only be loaded async.

We could finally write programs for the browser in any language that compiles to WebAssembly. And even mix and match multiple languages. It would be amazing.

I hope one day we can use wasm without html, just pointing the url at the wasm file

Do programmers actually write in wasm or automatic tools port/compile other languages to wasm?

It would be fascinating if someday you could implement parts of the browser using WASM modules.

The blog post exemplifies the root of the problem IMHO.

Which is to say, dancing around the core issue, which is direct DOM access as well as anything else JS has privileged access to.

Agree with the points. But when reading this, it seems much more complicated than using JavaScript on the web when developing real-world applications. However I think that will not be an issue because of AI.

Great to see it happening finally. Can we also get compute shaders with WebGL2 now? I don't want to move everything to WebGPU just for compute shaders and I don't know why they kept rejecting the proposals.

While WASM Components haven't arrived yet, what's the current best framework for JS/WASM glue?

This maybe an unpopular opinion, but I feel WebAssembly in the browser is the wrong direction - this vision to turn the browser into an OS so that we are then forced to rent every software through the "cloud" will screw all of us eventually. It is going to make the web less open. With HTML and Javascript (or even VBscript in the old IE), you could always look at the source. Good luck doing the same with WebAssembly. Soon websites will start bundling WebAssembly malwares and browsers will then also bundle an anti-virus (probably coded with WebAssembly) to counter it. Ofcourse, the anti-virus will need a "cloud service" so everything you do on the browser will be collected and sent "anonymously" ... good bye privacy.

Nothing can't be first-class as long as it is not *directly* replacing the existing first-class citizens.

If Wasm modules can be loaded like this:

    <wasm src="/module.wasm" start="main" data="..." />

...and if Wasm could access the DOM like this:

    import dom, json, re, html, urllib.parse
    from datetime import datetime
    
    params = urllib.parse.urlencode({"category": "news", "limit": 10})
    data = json.loads(await (await fetch(f"https://api.example.com/data?{params}")).string())
    container = js.document.getElementById("app")
    container.innerHTML = "".join(f"..." for i in data["items"])

...then developers would have jumped in right away.

Gretchen. Stop trying to make DOMless WASM happen. It’s not going to happen.

Wow. We need this so bad.

Agree with the points. But when reading this, it seems much more complicated than using JavaScript on the web when developing realworld applications. However I think that will not be an issue because of AI.

> Yet, it still feels like something is missing that’s holding WebAssembly back from wider adoption on the Web.

> There are multiple reasons for this, but the core issue is that WebAssembly is a second-class language on the web

It would be nice if WebAssembly would really succeed, but I have to be honest: I gave up thinking that it ever will. Too many things are unsolved here. HTML, CSS and JavaScript were a success story. WebAssembly is not; it is a niche thing and getting out of that niche is now super-hard.

WASM with DOM support will be great. Unfortunately it will also be great for obfuscation and malware.

I was just discussing/commenting on this a couple of weeks ago: https://news.ycombinator.com/item?id=47133223

Hear me out: Web APIs need to devolve into... APIs. DOM needs to devolve into a UI API. We have PWA's, File System APIs, USB APIs, peripheral device APIs, all the things a native webui client would be doing.

Yes, it is "back to square one" , we already have websites masquerading as native apps via electron and tauri.

On the other end you have a handful of tech companies dictating how our computing experience should be because they control browsers.

WASM should be the bytecode format for executing untrusted code from the network and running a UI-capable application with controlled access to the system, that runs in a secure sandbox. This is java applets but better.

You have the same issue on mobile where regular websites create apps, so they can be persistent and have access to things they shouldn't, and be all naughty. This happens because somehow we treat "native" differently than "web". it should all be restricted like web apps are, sandboxed tightly, but given access to resources like any electron app would (but not your entire file system, or entire anything, ever!)

There shouldn't be any "installing" anything, perhaps bookmarking an app instead. I'm not saying let's do away with proper native apps, non-GUI apps still have a place, as do system services and extensions which are a whole other class of system applications. But your banking app isn't one of those, neither is a social media app, or a photo editor, a game, uber,etc.. all these can run in WASM, and WASM in turn gets native access to APIs similar to but not exactly web apis. I learned in that other comment thread that replicating the web DOM APIs for WASM is a foolish effort since it is all built with JS in mind. However, an HTML5 compatible DOM layer, that is distinct from DOM-manipulation layers, and has a low-level styling layer (not a best like CSS, but something CSS can be compiled into, or that WASM styling code would natively compile into).

You will still need something to run the WASM like browsers do today, but here is the biggest value of my proposal: Unlike browsers, this would be heavily standardized, and as far as how your WASM renders and manipulates the DOM, that would be extremely consistent across WASM browsers, mainly because it would be so low-level there won't be any opinionated subjective interpretations between host apps. Unlike JS, there won't be any script runtime, unlike CSS, there is no styling engine. The responsibility of a beast like V8 is divided so that DOM, styling,security and API interactions are strongly defined in bytecode/ABI by the standard for the WASM host/browser, the actual UI of the app (tabs, themes, extensions,bookmarks, history,etc..) would not be different between WASM host/browsers, and of course the app's logic would be defined in whatever language, which will be compiled into WASM bytecode compatible with the aforementioned standard. This should result in consistent UI, fully networked apps with controlled resource access, that run ephemerally (caching as desired), storing persistent data as needed (no software updates per-app).

It is a lot of effort but consider the state of computing, between mobile apps, things like flatpak, electron, tauri, "vendoring", PWA apps, bloated chat apps like slack, teams, element, discord, web framework mess,etc.. is this the chaos we want to leave the next generation?

It might take a long time, but isn't it good to "build trees under whose shade you'll never sit"?

This is a brilliant idea for webassembly, implementing the core browser features as libraries - they should do it.

(though i do like the open code nature of the internet even if a lot of the javascript source code is unreadable and/or obfuscated)

Another important aspect is that, without an external library like `wabt`, I can't just open Notepad, write some inline WASM/WAT in HTML and preview it in a browser, in the same way that HTML+CSS+JS works. Having to obtain a full working toolchain is not very friendly for quick prototyping and demonstrative needs.

I already hate it

There is a massive, pathetic drop in quality from the system designs of the past compared to the garbage we are seeing nowadays

You can tell they are fully embracing slop and stupid design

Tehy are trading efficiency and elegance for bloat, and it is absolute trash

They have stopped engineering, they abstraction junkies

OGs don't want to be associated with any of that trash, and it shows

[flagged]

[flagged]

Discussed 12 days ago (13 comments):

https://news.ycombinator.com/item?id=47167944

[dead]

[dead]

[flagged]

No no no, wasm has shitty speed if you want to emulate something (it doesn't even support JIT), the problem is in its architecture (tons of restrictions like no self modifying code, no jumps).. this can't be fixed, we need something real, something like WebKVM.

[flagged]

The strength—and also the weakness—lies in how WASM is consumed in the browser. During instantiation, JavaScript engines validate the module and reject it if it uses unsupported instructions or features. In practice, due to browser compatibility differences, WASM modules often need to be built in multiple variants, such as a baseline version, a SIMD version, a SIMD+threads version, and so on. This is a significant pain compared to native binaries, which can rely on runtime feature detection and dynamic dispatch.

I don't understand the push to make the browser a tool for securely running general purpose applications. This is the job of the OS. We keep building layers on top of layers of abstraction instead of fixing or improving what we have.

I think web apps are dead anyway and the browser is heading towards being a legacy software. The future is small ephemeral UIs generated on the fly by LLMs that have access to datasources. WASM is too late.

It's simple.

JavaScript is the right abstraction for running untrusted apps in a browser.

WebAssembly is the wrong abstraction for running untrusted apps in a browser.

Browser engines evolve independently of one another, and the same web app must be able to run in many versions of the same browser and also in different browsers. Dynamic typing is ideal for this. JavaScript has dynamic typing.

Browser engines deal in objects. Each part of the web page is an object. JavaScript is object oriented.

WebAssembly is statically typed and its most fundamental abstraction is linear memory. It's a poor fit for the web.

Sure, modern WebAssembly has GC'd objects, but that breaks WebAssembly's main feature: the ability to have native compilers target it.

I think WebAssembly is doomed to be a second-class citizen on the web indefinitely.