Subscribe
Share
Share
Embed
Programmability is experiencing a paradigm shift, and this episode explains why WebAssembly is at the center of it. F5's Lori MacVittie and Joel Moses are joined by WebAssembly expert Oscar Spencer, a longtime contributor in the space and a leader within the Bytecode Alliance, to unpack how Wasm moved from “that browser thing” to a practical foundation for modern platforms.
They break down what makes WebAssembly different: a secure sandbox designed for hostile environments, portable logic that can travel across architectures, and language flexibility that doesn’t force teams into obscure, proprietary scripting. The conversation also gets into why Wasm’s small footprint matters, from faster deployment to easier distribution at the edge, and how streaming compilation helps code start running quickly.
The most timely thread is the collision between AI-driven operations and runtime safety. As agents generate more code and policies need to adapt in real time, the risk shifts from writing logic to safely executing it. Oscar makes the case that capabilities-based security and fine-grained controls can turn WebAssembly into a “blast chamber” for AI-generated code, reducing the chances that a hallucination becomes a production outage.
If you’re thinking about plug-in architectures, safer customization, or how to scale dynamic behavior without scaling risk, this episode is your starting point.
Check out WebAssembly Unleashed: https://www.youtube.com/playlist?list=PLyqga7AXMtPNV1zr2aTWEegep0FQU6Qvj
Check out WebAssembly Unleashed: https://www.youtube.com/playlist?list=PLyqga7AXMtPNV1zr2aTWEegep0FQU6Qvj
Creators and Guests
Host
Host
Lori MacVittie
Distinguished Engineer and Chief Evangelist at F5, Lori has more than 25 years of industry experience spanning application development, IT architecture, and network and systems' operation. She co-authored the CADD profile for ANSI NCITS 320-1998 and is a prolific author with books spanning security, cloud, and enterprise architecture.
Guest
What is Pop Goes the Stack?
Explore the evolving world of application delivery and security. Each episode will dive into technologies shaping the future of operations, analyze emerging trends, and discuss the impacts of innovations on the tech stack.
00:00:05:03 - 00:00:37:23
Lori MacVittie
Welcome back to Pop Goes the Stack, where we don't just track emerging tech, we test its failover plan too. I'm Lori MacVittie, your snarky sysadmin of the future. Yeah, that sounds about right. So, sometimes. Today we're going to talk about programmability, okay. Not the kind where programmability really means, like, here's a very specific, obscure scripting language you must learn in order to make our system integrate.
00:00:37:25 - 00:01:03:18
Lori MacVittie
And yeah, I said that on purpose, Oscar, cause integration. No, we want to talk about real programmability. Right., the kind where you can use languages you already know, run the same logic everywhere, and don't have to rewrite everything every time your architecture changes its mind. Because we know that happens. So yes, if you guessed we're going to talk about WebAssembly,
00:01:03:26 - 00:01:33:06
Lori MacVittie
you were right. You get a gold star. But before you roll your eyes and mutter, "wasn't that for browsers?" stay with us, okay? Because at some point Wasm flipped the script. It made logic portable. It made customization practical. And more importantly, it made bespoke behavior something that normal teams can actually deploy without summoning the one engineer who understands this platforms ancient ruins, okay.
00:01:33:08 - 00:01:59:23
Lori MacVittie
No chicken sacrifices needed. That's awesome. So here's where it gets interesting though. In a world where AI driven operations are really starting to happen, at least according to our data, static systems don't cut it. You can't do it. Agents need to generate logic, adapt policy, and respond to change in real time. So you can see where this is going.
00:02:00:00 - 00:02:20:23
Lori MacVittie
While injection of rules is not new, doing it safely, dynamically and on the fly is. And so that's what we want to talk about today, right. Programmability is experiencing a paradigm shift and it's primarily because of Wasm. And that's why we've got Joel, who's always here, so I guess
00:02:20:25 - 00:02:21:22
Joel Moses
I'm always here Lori.
00:02:21:22 - 00:02:30:05
Lori MacVittie
Yeah, sorry. Joel doesn't matter, but we brought Oscar who is a Wasm expert like extraordinaire. So welcome, Oscar.
00:02:30:08 - 00:02:31:14
Oscar Spencer
Oh, thanks for having me.
00:02:31:16 - 00:02:38:19
Lori MacVittie
Yeah. Tell the people why you're a Wasm expert. There's something about like the Byte Code Alliance
Oscar Spencer
Yeah.
Lori MacVittie
and stuff like that.
00:02:38:22 - 00:02:58:23
Oscar Spencer
Yeah. So I've been in and around WebAssembly, you know, since the early days. WebAssembly was on by default in browsers 2017. I think that's really when I was, I was already thinking about WebAssembly by then, but that's when I think I became a WebAssembly person. But yeah, I got into WebAssembly just because I loved compilers, and I wanted to build a compiler that targeted WebAssembly.
00:02:58:23 - 00:03:18:22
Oscar Spencer
And so I had a blast doing that. And these days I do a lot of work with the Byte Code Alliance. So, I'm on the board of the Byte Code Alliance. I'm on the technical steering committee. And for the folks who don't know, the Byte Code Alliance is an organization centered around implementations of WebAssembly standards and tooling around WebAssembly specifically for use outside the browser.
00:03:18:25 - 00:03:24:29
Oscar Spencer
And so, yeah, more than happy to talk about everything WebAssembly that's not happening in the browser. But of course, the browser stuff is important too.
00:03:25:01 - 00:03:37:13
Joel Moses
Yeah, yeah. Now the browser is, of course, the place where most people have run into WebAssembly, but they may not know that they've run into it. So can you describe for us some areas where people might have run into this technology and not noticed.
00:03:37:15 - 00:04:00:00
Oscar Spencer
Yeah for sure. So I think, you know, first off, for folks thinking about WebAssembly, I want you to think about your web browser for a second. Think about what happens when you visit any website on the internet. Your web browser downloads unknown code from some server you don't trust, and then executes it on your machine, and then you enter your banking details.
00:04:00:02 - 00:04:18:21
Oscar Spencer
This is something that, you know, millions and hundreds of millions of people, if not billions of people are doing every single day. Right? So the web browser is actually the most hostile computing environment in the world. You actually need a secure sandbox to protect you from any malicious code that could be running on your machine. And that's where WebAssembly was born.
00:04:18:26 - 00:04:40:04
Oscar Spencer
Obviously, we've had JavaScript forever, but this idea of WebAssembly was, what if we could have any language compiled down to a fast byte code that ran in the browser, but we've got a guarantee that it's super secure? That it runs in the sandbox. It's not leaking out. It's not reading details from other tabs you have open. It's not, you know, going and looking at what's on the web page when it's not, when it shouldn't be doing that.
00:04:40:05 - 00:04:59:18
Oscar Spencer
And that's something that JavaScript can do by the way, but we make sure that WebAssembly can't do things like that. Yeah. Yeah. No, it's pretty crazy stuff. But this is a big deal and this is why WebAssembly came out, to be this sort of next generation of web technology. But all these beautiful sandboxing properties, it turns out they're fantastic beyond just the browser.
00:04:59:24 - 00:05:19:17
Oscar Spencer
It works out really well in, I almost said the real world, and maybe that's really offensive to some people. It's fantastic outside the browser because of these sandboxing properties. The reason why containers are so popular these days is because there's these sort of fine grained compute units where all the logic is contained in this one place
00:05:19:17 - 00:05:43:22
Oscar Spencer
and it's very easy to reason about. And WebAssembly is somewhat similar, but it's even smaller, even finer grained, and even better ways of dealing with what type of things that code is allowed to do. So WebAssembly is everywhere. If you've got a phone, you've got WebAssembly in your pocket. If you've got a smart TV, it's likely running WebAssembly. When you go and stream your favorite content online, usually like those video codecs, those are running in WebAssembly.
00:05:43:24 - 00:05:50:17
Oscar Spencer
Everything is using WebAssembly these days. And we're going to start seeing WebAssembly on things like lightbulbs soon. So definitely.
00:05:50:17 - 00:05:55:01
Lori MacVittie
Wait, no. No, not in my house you're not.
00:05:55:04 - 00:05:56:12
Oscar Spencer
You'd be surprised.
00:05:56:17 - 00:05:58:02
Lori MacVittie
I don't need that.
Oscar Spencer
You'd be very surprised.
00:05:58:05 - 00:06:19:00
Joel Moses
I mean, in the end analysis WebAssembly is a great way to run trustable code in untrustworthy environments. And that's why, and a browser being an inherently untrustable environment. But that's why it makes a really good thing to transition over into just general compute. Because now you can apply trust and you bring that along,
00:06:19:00 - 00:06:22:24
Joel Moses
that lesson that we've learned in an untrustworthy environment like the browser, right?
00:06:23:01 - 00:06:43:11
Oscar Spencer
Oh absolutely.
Lori MacVittie
Yeah. But there's like two sides to this, right? I mean, you can't just take Wasm and go, okay, I'm going to put it in this system, right. There's still, it needs interactions. That's part of the way that you sandbox is say, okay, this Wasm runtime can have access to x and y and Z but not a, b, c.
00:06:43:13 - 00:07:02:03
Oscar Spencer
Right.
Lori MacVittie
Right, and that's how you keep it contained on the side of, you know, the platform it's running in if you will. But on the other side it's really about freedom, like the language choice, right. When we ask about, you know, how do you want to do programmability in different environments, you get a lot of different answers.
00:07:02:03 - 00:07:27:18
Oscar Spencer
Oh yeah!
Lori MacVittie
People want Python. They want Java. They want JavaScript. Nobody wants certain languages.
Oscar Spencer
No.
Lori MacVittie
There's a list that just don't, they're like we don't want that. So if you choose just one, you're going to make it harder for other people. And Wasm gives you the ability to use just about any language. You wrote a language; you wrote a compiler.
00:07:27:20 - 00:07:52:15
Lori MacVittie
Bless your heart.
Oscar Spencer
Thank you.
Lori MacVittie
You know, it's not something I, you know, like doing. But you wrote one, right, and you wrote a little language called Grain. I know I've used it. I actually, I wrote, you know, a little code beyond Hello World, just to see, you know, how it works and stuff. It's great. So you can use existing languages, create new languages, and use them inside the environment to do what you need to do.
00:07:52:22 - 00:07:55:20
Oscar Spencer
Yeah.
Lori MacVittie
And that's powerful. Very powerful.
00:07:55:23 - 00:08:16:27
Oscar Spencer
Yeah. No, I mean, it's fantastic. It's sort of the dream, right? Of, you know, people have been wanting for ages just to write web apps in Python. That's something people, you know, anytime someone deals with say, like, "oh, how are these things equal in JavaScript?" That's when they say, "you know what, let's throw this language in the trash and let's go use anything else."
00:08:16:29 - 00:08:36:01
Joel Moses
Yeah.
Oscar Spencer
And so the language aspect is huge for people. And a big design goal of WebAssembly is to make it targetable by as many languages as possible, whether it's super object oriented languages or functional programing languages or whatever. The point is to be able to make it work. And we're starting to see more and more language toolchains support WebAssembly and have native compiler targets.
00:08:36:01 - 00:08:46:02
Oscar Spencer
So, not a ton of configuration on behalf of the user other than just saying, "I want this to turn into WebAssembly." Which is pretty sweet, and it's only going to get better over time.
00:08:46:04 - 00:09:08:28
Joel Moses
Now,
Lori MacVittie
One would hope.
Joel Moses
Yeah, on top of this though, you know language choice is sometimes, you know, defined as a religious choice. But there's other aspects to supporting multiple languages that are important. And one is that certain languages have extremely rich ecosystems, and other languages have a specific focus on a type of functionality that might be valuable to you, like memory safety, for example. Correct?
00:09:08:29 - 00:09:10:14
Oscar Spencer
Oh yeah. Absolutely.
00:09:10:15 - 00:09:41:04
Joel Moses
So you get to pick a language ecosystem that has the features that you need in order to deliver what your code is targeted at. And that leads us to something a little more complex, which is that programmability as a function is being embedded in lots of different platforms. Right? And it's becoming a popular choice for people to write either function as a service environments in, or to write plugin systems for other larger systems.
00:09:41:04 - 00:09:41:28
Joel Moses
Isn't that right?
00:09:42:00 - 00:10:02:05
Oscar Spencer
Oh, yeah. Absolutely. It's sort of the perfect medium to do this exact type of thing because WebAssembly binaries are incredibly small. If you think about a container, whatever, you know, application you're trying to run in that container, you've got the code for that application, but then you've also got all the code to support that application, right.
00:10:02:11 - 00:10:26:18
Oscar Spencer
So you've got whatever runtimes you need, whatever system libraries you need, in fact you have an entire operating system inside your container. And so these containers are big right? They're usually hundreds of megabytes if not several gigabytes for a lot of these containers versus WebAssembly code is actually just the code that you're trying to run. So there's, you know, you've abstracted away all the operating system, like any additional runtime whatnot.
00:10:26:19 - 00:10:45:23
Oscar Spencer
It's just the code that you want to run. So because of that, the WebAssembly binaries are incredibly small, right? They're on the order of kilobytes or maybe single digit megabytes. So in terms of having pluggable functionality to put into another application, it's fantastic because now all these plug ins are quite small. I can ship them around very easily. If I want to deploy them to the edge,
00:10:45:23 - 00:11:04:18
Oscar Spencer
that's something that's very easy for me to do. And then with WebAssembly's fine grained security controls around how that code is allowed to execute, you know that these plugins that maybe people you don't 100% trust are writing, you can run them safely and audit what their code is going to do. You can make sure they don't get into a busy loop and take over all the resources on the system.
00:11:04:21 - 00:11:16:00
Oscar Spencer
You know, you really have all these controls to really make WebAssembly a fantastic, you know, platform for doing these pluggable type of systems. And that's why we're starting to see it, you know, just about everywhere.
00:11:16:02 - 00:11:47:20
Lori MacVittie
The size thing should not be understated as a big benefit. When you're trying to do things faster, the smaller that they are make it easier, of course, to transport from one location to another over the internet tube things.
Oscar Spencer
Yeah. And you
Lori MacVittie
It's you got to be able to do it quickly because one of the problems that we have is that people can't deploy things fast enough because they're too big, hey take too long to actually transfer.
00:11:47:22 - 00:12:12:15
Lori MacVittie
They modify system behavior, system level changes, so they have to be tested and certified and rolled out in this big process, which is kind of what impacts security moving faster than it wants to. And something like Wasm and just the change that you need or the mitigation you need, you could deploy it really, really fast.
00:12:12:15 - 00:12:16:28
Lori MacVittie
And that's really important as a tool in security's toolbox.
00:12:17:01 - 00:12:38:06
Joel Moses
Right.
Oscar Spencer
Yeah. And, you know, even on that point like that was a design goal for WebAssembly, was it needed to be able to be small and start running fast. So WebAssembly code can actually, you know, download and start running before JavaScript code can even be parsed. That's like how fast it is. And in fact, one of the other beautiful things is you can do streaming compilation with WebAssembly.
00:12:38:06 - 00:12:49:04
Oscar Spencer
So before you even have the entire binary, you can already be running that WebAssembly code. Which is to me just so neat just to think about and all the things that you can build with it.
00:12:49:06 - 00:13:10:21
Joel Moses
So let's inject a little bit of an opposing view here, which is that, you know, AI is showing great promise in writing code. And so, you know, what do you say to the detractors that say, "you know, vibe coding is taking over, so a human doesn't never have to write code. So why do we care about how the code executes?"
00:13:10:24 - 00:13:12:00
Oscar Spencer
Whoo! Yeah, we
00:13:12:00 - 00:13:15:00
Lori MacVittie
What? Awww.
00:13:15:07 - 00:13:35:15
Oscar Spencer
Yeah. No, we absolutely need to care. You know, there are tons and tons of examples that we've seen of AI code just not doing the thing that you wanted it to do. And sometimes it's, you know, a little bit harmless, where maybe it just adds like a bug in this function and maybe you lost a couple hundred dollars on something, you know, not a big deal.
00:13:35:19 - 00:13:56:12
Oscar Spencer
But then there's other times that we've seen where, you know, an AI agent has just deleted an entire database. And then you tell it, "hey, you just deleted my database" and it says, "oh, you're absolutely right. I did delete your whole database." And so it's
Lori MacVittie
Sorry.
Oscar Spencer
and these types of bugs are going to be very, very common. We have to remember what, you know, these large language models are doing, right.
00:13:56:12 - 00:14:15:25
Oscar Spencer
They're just kind of predicting what code they think should be there, which is not always going to be the code that should actually be there. And so the same way that we don't trust a human writing some code, so someone deliberately doing something malicious, there are plenty of times that humans have, you know, done something that maybe they didn't mean to.
00:14:15:27 - 00:14:39:16
Oscar Spencer
An example for me, I remember I was a junior engineer, I was working as an intern at a startup and someone said, "hey, how do we fix this issue that I'm seeing?" And I remember seeing a SQL query that someone posted on slack and I grabbed that SQL query and I sent it, you know, to this other engineer, and I said, "oh, just run this on the prod database
Joel Moses
Oh, boy.
Oscar Spencer
and it'll fix that right up.
00:14:39:22 - 00:14:50:19
Lori MacVittie
Yeah.
Oscar Spencer
And of course, the other engineer was like, "Oscar, are you sure I should do this?" And of course I was like, "yes." And of course, you know, caused a massive like full day outage.
00:14:50:21 - 00:14:53:26
Oscar Spencer
But, you know
Joel Moses
That's how a junior engineer enters the food service industry.
00:14:53:29 - 00:15:15:24
Lori MacVittie
Yeah.
Oscar Spencer
Yeah. I rec-
Lori MacVittie
Yeah, a career change.
Oscar Spencer
you know, my photo was on the wall for a while, but I did recover from that. But, you know, the thing is, the same way that, you know, human engineers can make tons of CVE's and other horrible things have happened from human engineers making honest mistakes. Even if you think of AIs as not being malicious and making honest mistakes, we want to be able to protect from code doing things that it shouldn't.
00:15:15:27 - 00:15:35:01
Oscar Spencer
So specifically in the, you know, world of agentic AI, if you want to give an LLM access to perform tasks for you, or if you have an AI that is just writing code for you that you want to run, you want to have fine grained controls on what that code is allowed to do. So maybe that code shouldn't be allowed to even delete your database.
00:15:35:07 - 00:16:01:22
Oscar Spencer
Maybe that code shouldn't be allowed to go access your banking details. We want to be very specific about what that code is allowed to do. So with a capabilities-based security model of something like WebAssembly, we have way more opportunity to set up things like that. And we can run a lot of this AI generated code and feel a lot more confident that we're not going to completely screw over some particular system or completely ruin something, or take down the country's electric infrastructure because we, you know, had AI write some code.
Joel Moses
Yeah.
00:16:01:25 - 00:16:19:24
Oscar Spencer
And this is very, very serious. But a technology like WebAssembly allows you to say, "okay, people are going to do this anyway, so let's go ahead and make sure that we can do it safely and do it in a manner that we can actually recover, or prevent, you know, horrible things from happening in the first place." So it's a great set of guardrails for that exact type of use case.
00:16:19:24 - 00:16:26:21
Joel Moses
Yeah.
Lori MacVittie
Yeah, I'm think-
Joel Moses
AI can generate code faster than we can review it, which means the future is: we didn't write this, but we're going to run it anyway.
00:16:26:28 - 00:16:27:05
Oscar Spencer
Yeah. And
00:16:27:05 - 00:16:28:24
Joel Moses
That's a horror movie, Oscar.
00:16:29:00 - 00:16:45:08
Oscar Spencer
And there's tons of people who say, "oh, it doesn't matter because I have just more AIs review the code too, and so then everything is okay." But things are absolutely going to slip through the cracks. And we're starting to see it now, and it's only going to balloon to be, you know, so much bigger than it is today.
00:16:45:13 - 00:16:45:22
Joel Moses
Got it.
00:16:45:24 - 00:17:07:00
Lori MacVittie
Well, this talk about agents got me thinking. So I've been looking at agent skills for a while and agent skills is basically kind of standardizing around, well it's a file and it tells you what skills you have, which are really things you can do. Which is really code based and there is like an intersection here where Wasm is small enough,
00:17:07:01 - 00:17:27:21
Lori MacVittie
you could actually combine that with what you're saying. Like you can make a database query, but it has to go through this Wasm, right. Before, right, that's where you execute it, rather than sending it off to some random place that doesn't have those kinds of protections. So there are all sorts of intersections with AI, the way that it's being built.
00:17:27:21 - 00:17:38:01
Lori MacVittie
And, you know, we're enabling AI to use that as guardrails for execution. Like, that's a use case I hadn't considered before you mentioned.
00:17:38:03 - 00:17:50:28
Joel Moses
Yeah, kind of like WebAssembly is the AI blast chamber. You can run the code, if the model hallucinates, it can't escape into prod. It's how you keep AI from being creative with your database.
00:17:51:00 - 00:17:54:07
Oscar Spencer
Yes, very much so.
Joel Moses
Interesting.
00:17:54:09 - 00:18:28:16
Lori MacVittie
Absolutely. Wow. So, I mean, we're running out of time, which is sad because I have a feeling we could go on and discuss this topic for many, many, many, many, many more minutes.
Oscar Spencer
Oh, yes.
Lori MacVittie
But so, I'm going to do the plug thing because you two, Joel, Oscar, co-host a podcast that is focused just on WebAssembly called Wasm Unleashed. That they can find where, Oscar?
00:18:28:23 - 00:18:42:22
Oscar Spencer
Oh, you can find it everywhere. You can find it on Spotify podcast, Apple Podcasts, YouTube, and you know anywhere else you get your podcast, you can absolutely find it. So that's WebAssembly Unleashed. Give that a search and you'll absolutely find us.
00:18:42:25 - 00:18:49:11
Lori MacVittie
Yes. Yeah, full name WebAssembly Unleashed. And Joel and Oscar are are co-hosts there.
00:18:49:11 - 00:18:50:23
Joel Moses
I'm Oscar's Lori, actually.
00:18:50:25 - 00:19:10:20
Oscar Spencer
Yes.
Joel Moses
Yeah, absolutely.
Oscar Spencer
Yeah. And we always have exciting guests on. People from throughout the industry. So whether they're people running businesses using WebAssembly as a key technology or they're simply just people who are in the trenches building with WebAssembly, we have them all on and we get their perspectives. And it's,
Joel Moses
Yeah.
Oscar Spencer
it's a fantastic time.
00:19:10:23 - 00:19:36:07
Lori MacVittie
Awesome.
Joel Moses
Yeah, absolutely. And again, we want to stress WebAssembly is absolutely worth learning about. It's a fundamental kind of almost boring technology. However, with the combination of AI plus WebAssembly, we're seeing opportunities for AI to be safely run, and to have guardrails around it that don't inherently belong as part of the AI.
00:19:36:09 - 00:19:43:29
Joel Moses
And so, this world is going to combine very rapidly. And so come join us at WebAssembly unleashed, I think you'll enjoy it.
00:19:44:02 - 00:20:04:02
Lori MacVittie
Absolutely, absolutely. I think we're going to see it a lot more in the enterprise, right. It's escaped the browser. We're going to see it other places because it has great applicability inside the world of AIOps, which, you know, is one of my things I've been like passionate about lately is how do we enable that?
00:20:04:08 - 00:20:36:16
Lori MacVittie
But safely? Because we don't want junior AI engineers nuking prod, you know, deleting the entire file system, all the good things that we've heard it can do and probably will. So I think there's an intersection there, and that Wasm is going to be very important in the world of delivery and security for things like dynamic realtime rules to, you know, mitigate attacks or vulnerabilities or change routing and delivery.
00:20:36:16 - 00:20:49:07
Joel Moses
Sure.
Lori MacVittie
It's going to be, yeah, very exciting. So I think there are a lot of uses for Wasm. It's, once it escaped containment there was no stopping it. It's going to be everywhere. So, definitely
00:20:49:09 - 00:20:49:20
Joel Moses
Yeah, and Lori,
00:20:49:20 - 00:20:50:15
Lori MacVittie
definitely listen in.
00:20:50:18 - 00:20:56:29
Joel Moses
my takeaway is very similar. Although I had an additional one, which is never run a SQL query that Oscar gives me.
00:20:57:02 - 00:21:02:15
Lori MacVittie
Okay. Yep.
Joel Moses
Which is fine.
Oscar Spencer
Hey, my SQL queries have gotten far better over the years, I'll tell you.
Joel Moses
Excellent.
00:21:02:18 - 00:21:17:02
Joel Moses
But, you know, my main takeaway, though, is in an AI world, code is cheap, but safety is expensive. And so WebAssembly is simply us choosing to pay for safety up front, and the combination of the two together are going to be really impactful.
00:21:17:04 - 00:21:31:29
Lori MacVittie
Love it, love it. Well, thank you Oscar. That's a wrap for Pop Goes the Stack. If you survived this deep dive, subscribe because you're going to need what we're going to share for the next outage.