tag | ee9c9a13e88350609866ea4f5884c142efbe02c4 | |
---|---|---|
tagger | Khaled Hosny <khaled@aliftype.com> | Tue Dec 28 04:21:12 2021 |
object | d9455ebb1628f5bb8902767bf7f7717e82c27d28 |
Version 8.2.0 - Various improvements to debug messages. - Man pages for installed executables that missed ones. - Improvements to test suite. - Fix CFF2 vsindex handling.
commit | d9455ebb1628f5bb8902767bf7f7717e82c27d28 | [log] [tgz] |
---|---|---|
author | Khaled Hosny <khaled@aliftype.com> | Tue Dec 28 04:20:43 2021 |
committer | Khaled Hosny <khaled@aliftype.com> | Tue Dec 28 04:20:43 2021 |
tree | a3d91a2aa87be6f8184c2426428d0a60a2661c5f | |
parent | e49edc2548c6f731e9f479dc60e8b64367ea0abd [diff] |
[ci] Thinko
The OpenType Sanitizer (OTS) parses and serializes OpenType files (OTF, TTF) and WOFF and WOFF2 font files, validating them and sanitizing them as it goes.
The C library is integrated into Chromium and Firefox, and also simple command line tools to check files offline in a Terminal.
The CSS font-face property is great for web typography. Having to use images in order to get the correct typeface is a great sadness; one should be able to use vectors.
However, on many platforms the system-level TrueType font renderers have never been part of the attack surface before, and putting them on the front line is a scary proposition... Especially on platforms like Windows, where it's a closed-source blob running with high privilege.
Instructions below are for building standalone OTS utilities, if you want to use OTS as a library then the recommended way is to copy the source code and integrate it into your existing build system. Our build system does not build a shared library intentionally.
Build OTS:
$ meson build $ ninja -C build
Run the tests (if you wish):
$ ninja -C build test
See docs
Thanks to Alex Russell for the original idea.