Because this code will be exposed on every single webpage you load, and historically these kind of parsers have had a number of security problems.
Something something memory safety, but this is the situation that currently exists.
"All the image parsers" would be a very bad idea. Years ago there was a bug in some Linux setups where all gstreamer codecs were exposed in Firefox, and it was a huge problem (similar: https://lwn.net/Articles/708196/ – although the one I remember is much older, around 2010 or so).
It's not really comparable to all the old terminfo entries from decades ago: the vendor controls those terminfo entries, not $random_websites. Maybe the ncurses terminfo parser actually does have some buffer overflow (there's an entire mini-programming language in terminfo), but if it does it's not really a huge acute problem.
Because this code will be exposed on every single webpage you load, and historically these kind of parsers have had a number of security problems.
Something something memory safety, but this is the situation that currently exists.
"All the image parsers" would be a very bad idea. Years ago there was a bug in some Linux setups where all gstreamer codecs were exposed in Firefox, and it was a huge problem (similar: https://lwn.net/Articles/708196/ – although the one I remember is much older, around 2010 or so).
It's not really comparable to all the old terminfo entries from decades ago: the vendor controls those terminfo entries, not $random_websites. Maybe the ncurses terminfo parser actually does have some buffer overflow (there's an entire mini-programming language in terminfo), but if it does it's not really a huge acute problem.