wasm outside the browser for compile-once-run-anywhere usecases with sandboxing / security guarantees

Please just use Docker in a microVM or whatever. It's 0% slower and 100% more mature.

> Please just use Docker in a microVM or whatever. It's 0% slower and 100% more mature.

Wasm has different characteristics than docker containers and as a result can target different use cases and situations. For example, Imagine needing plugins for game mods or an actor system, where you need hundreds of them or thousands, with low latency startup times and low memory footprints and low overheads. This is something you can do sanely with wasm but not with containers. So containers are great for lots of things but not every conceivable thing, there’s still a place for wasm.

But way more difficult and with a much higher attack surface area.

And also, it's not necessarily apples to apples. It would be nice to be able to drop a compiled WASM module into your codebase and use it from just about any language on the backend. You could reuse a lot of code that way across different services without the overhead of spinning up yet another container. And you could potentially even run untrusted code in a sandboxed way.

Please just use a custom FPGA hand-coded to the exact specifications of the program. It's even less than 0% slower than Docker in a microVM, and unlike Docker, it at least provides one of the two benefits that you quoted from the parent comment. Good thing we already changed the parameters of what they said they're looking for!

Getting an end user to set up and run docker to run an app is a non starter for most things.

does that allow me to do GPU and real-time audio work on windows and macos

Even for small plugins in your app?

not only is this a completely different use case, it's not even true:

https://stackoverflow.com/questions/60840320/docker-50-perfo...

Setting up docker and a microVM is orders and orders of magnitude harder and less ergonomic then using your browser. These are not at all interchangeable.