JavaScript's date object has been tricky for years, but that is changing.
The NEW Temporal API brings,
π Easily handle time zones
π Precise date math
π Parse ISO strings without errors
β Durations, date ranges, and more.
Start experimenting π
developer.mozilla.org/en-US/docs/...
This standard is still in development, at labs.etsi.org/rep/stan4cra... , with weekly meetings freely accessible to open source developers, as well as ETSI members. Please get in touch with me if you want to be involved.
I spoke at FOSDEM about the new European web browser security standard, under development in ETSI, as part of the Cyber Resilience Act. Video here: mirror.as35701.net/video.fosdem...
In addition to development in GitLab, we have regular calls. The next one is tomorrow, Feb 3rd at 3 PM (CET). If you want to join this or a future call, please DM me and we can discuss how that works.
Be the first to file an issue! No one from outside ETSI administration has done so yet, so this is a prize you can claim. labs.etsi.org/rep/stan4cra...
At ETSI, we're developing a new European standard about web browser security to support the Cyber Resilience Act. Come read the draft at labs.etsi.org/rep/stan4cra...
The draft standard now entering a public review phase, so *we need your opinions, thoughts and analysis to improve it*. This article explains where things are, and how to get involved.
www.agoria.be/en/services/...
For this reason, there's an ongoing standardization effort translate these principles into more clear requirements to meet, to make it easier to demonstrate compliance.
The Cyber Resilience Act mandates that commercial software handle vulnerabilities well. What does that mean exactly? The CRA names sound principles in Annex I Part II, but applying them in practice is another thing.
My FOSDEM talk:
The Cyber Resilience Act and web browsers
The Cyber Resilience Act defines web browsers as an important product requiring special attention to cybersecurity requirements. What does this mean? How can you participate in defining in what it means for a web browser to be secure?
OK thanks I'll rename it brb
RESCHEDULED: Please join Daniel Thompson-Yvetot and me on Tuesday the 27th, at 1 PM Central European Time for an interactive deep dive into the draft standard for BROWSERS under the Cyber Resilience Act (CRA). www.stan4cra.eu/event-detail...
Rescheduled for Tuesday, the 27th at 1 PM. Hope to see you there!
This event is postponed. I'll post here again when it is rescheduled.
Our work in this area is funded by the European Commission and EFTA.
Find the current draft in docbox.etsi.org/CYBER/CYBER/...
File any issues in labs.etsi.org/rep/stan4cra...
Please join @denjell.bsky.social and me on Thursday, 3:30 PM Central European Time for a deep dive into the draft standard for BROWSERS under the Cyber Resilience Act (CRA). www.stan4cra.eu/event-detail...
Thank you for everyoneβs support while I focused on my health over the past few months.
If you want to get involved, or have ideas for how to spread the word and get others involved, Iβd love to be in touch. Please DM me here, or see other contact methods at littledan.dev
This work is co-funded by the EC and EFTA.
Another path to involvement is to become a paid (!) contributor to these standards via a CYBERSTAND.eu grant. Find more information at cyberstand.eu/10th-specific-service-procedure-sme-perspective . Please apply even if youβre not sure if you are qualified!
- In FOSDEM on January 31st in Brussels, in the βCRA in practiceβ dev room will be open Saturday from 15:00-19:00 in room UA2.114 (Baudoux) fosdem.org/2026/schedul...
- In Zagreb on January 20th, there will be a βCRA Standards Unlockedβ event cyberstand.eu/events/cra-s... , one of several events over the coming months around Europe: cyberstand.eu/events
If youβre interested in getting involved, there are a number of free-to-join, publicly streamed conferences coming up which discuss CRA and the βverticalβ standards for particular high-risk products including web browsers:
This effort isnβt about mandating new practices from an ivory tower, but rather collecting best practices deployed today and encouraging their consistent usage more broadly. We need browser engineers and web security experts to be involved to accurately document these security best practices.
Weβre very interested in feedback. The easiest way to provide feedback is in a GitLab issue. File issues in labs.etsi.org/rep/stan4cra... . Anyone can sign up for an account and post issues. Please apply the template carefully to give the committee all it needs to address on your comment.
This browser security standard is in active development, with the work in progress published on ETSIβs website. You can find the current draft in docbox.etsi.org/CYBER/CYBER/... . Look for βbrowserβ within that directory.
ETSI (a European Standards Organization, like Ecma or W3C but specifically authorized to write standards referenced by EU law) is developing a standard for one way to demonstrate that a browser meets these additional cybersecurity requirements.
The European Unionβs new law, the Cyber Resilience Act (CRA) requires all commercial software made available in Europe to meet essential cybersecurity requirements, and correctly calls out web browsers as a high-risk type of product with additional security requirements.
Iβm getting involved in security standards for web browsers as part of my new role at CrabNebula! Itβs important to ensure that the webβs security model is not compromised, as browser engines evolve, new browser derivatives become more popular, and brand new web engines emerge.
I have left work and standards for now to focus on my health. Thanks everyone for understanding.
