news.volyx.in

EmDash – A spiritual successor to WordPress that solves plugin security (blog.cloudflare.com)

703 points by elithrar · 105 days ago · 504 comments on HN

Article summary

Cloudflare has introduced EmDash, a new content management system (CMS) that aims to be a spiritual successor to WordPress, addressing the security issues associated with WordPress plugins. EmDash is built on TypeScript, is serverless, and allows plugins to run in isolated sandboxes. It is fully open source and available on GitHub. EmDash is designed to be compatible with WordPress functionality but does not use any WordPress code.

Main themes

  • EmDash introduction
  • WordPress security issues
  • Serverless CMS
  • Plugin architecture
  • Open source development

What commenters say

  • The introduction of EmDash is seen as a potential solution to the security problems plaguing WordPress, particularly with regards to plugin vulnerabilities.
  • Some commenters believe that EmDash's serverless architecture and isolated plugin sandboxes are a step in the right direction for improving security and performance.
  • Others argue that EmDash may not be compatible with the vast array of existing WordPress plugins and themes, which could limit its adoption.
  • There is a debate about whether the ease of use and flexibility of WordPress, despite its security issues, make it a better choice for non-technical users and small businesses.
  • Some commenters think that the value of WordPress lies in its large ecosystem of plugins and themes, and that EmDash will struggle to replicate this.
  • Others suggest that the security benefits of EmDash, such as its ability to sandbox plugins, outweigh the potential drawbacks of learning a new system.
  • A few commenters are skeptical about the claim that EmDash is a completely new system, suggesting that it may be built on existing libraries and frameworks.
  • There is a discussion about the trade-offs between using a static site generator versus a CMS like WordPress or EmDash, with some arguing that static site generators are more secure and performant.