
> someone very helpfully suggested just wrapping the plain text email in a <pre> tag to protect against XSS

This is bad advice.

https://www.cs.dartmouth.edu/~sergey/langsec/occupy/




Hello, this was me; author of JMAP and lead architect of Fastmail's web UI. The advice was intended to be "render it as plain text" AND then put it in a <pre> to preserve white space. Turns out tweets are difficult to put technical advice into, especially when you are not sure of the context the person you are talking to will bring with them (so to me "render as plain text" means insert as a text node, not as innerHTML, but looking back I can see that this may not mean anything to someone with a different experience of building web apps). My apologies for the confusion.
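
The two readings of that advice, as an added example (not code from the thread, Fastmail or Overture): "wrap the raw body in <pre>" leaves the markup live, while "render as plain text, then wrap in <pre>" turns the body into an inert text node. The email body is constructed for the demonstration; `doc` is whatever provides the document API (window.document in a browser).

```javascript
// Constructed sample body: indented text worth preserving, plus markup that
// an attacker could place in an email and that must never be parsed.
const CONSTRUCTED_EMAIL_BODY =
  'Hi,\n\n    indented line that <pre> should keep\n' +
  '<script>alert(1)</script>\n';

// Misreading of the advice: <pre> only changes whitespace handling. The
// HTML tokenizer still sees and runs the tags in the body.
function wrapInPreUnsafe(body) {
  return '<pre>' + body + '</pre>';
}

// String form of the intended advice (e.g. server-side templating): escape
// every character that has meaning to the tokenizer, then wrap in <pre>.
function escapeHtml(text) {
  const map = { '&': '&amp;', '<': '&lt;', '>': '&gt;', '"': '&quot;', "'": '&#39;' };
  return text.replace(/[&<>"']/g, (ch) => map[ch]);
}

function wrapInPreSafe(body) {
  return '<pre>' + escapeHtml(body) + '</pre>';
}

// DOM form of the intended advice: build a <pre> element and set its
// textContent, so the body becomes a text node and is never parsed as
// markup. Passing `doc` in keeps the function usable outside a browser.
function renderPlainTextInPre(doc, body) {
  const pre = doc.createElement('pre');
  pre.textContent = body; // text node, NOT innerHTML
  return pre;
}

// Check used to compare the two string outputs: is there any tag in the
// markup other than the outer <pre>...</pre> we added ourselves?
function hasTagsOtherThanPre(html) {
  return /<(?!\/?pre>)/.test(html);
}
```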


Overture is really great. Folks who regularly mix and match from NPM (and especially those publishing packages themselves) could learn a thing or two by studying it.


Thanks! Now it's all ES modules, you can easily just pull in the bits you need without having to bundle the whole codebase, which makes it much more useful for other projects too.


I actually realized that this must be on HN because 2 different people emailed me to tell me this XSS workaround was bad advice :). Updated the post.


Hey! Awesome that you updated it! Thanks for all of your blog posts. You’re one of a few go-to blogs when I want inspiration on new things to learn. I even used your website design as a model for the default template for a static site generator I built :)



