Hi all, The Chrome, Skia and Google Fonts teams are collaborating on open-source memory-safe font libraries (https://docs.rs/skrifa/latest/skrifa/) for parsing, reading metadata and paths and producing and writing fonts. The goal is to create an additional backend for the SkTypeface Skia API (sibling to the SkTypeface backed by FreeType) and use it in Chrome.
We had a videochat with Werner Lemberg about the project, and would now like to share the idea with this list. We have shipped FreeType successfully to billions of users courtesy of the efforts of the FreeType maintainers and key contributors. We would like to specifically thank Werner Lemberg and Alexei Podtelezhnikov for their extensive efforts over many years. Our motivation is to improve memory safety for font processing in Chrome by use of Rust as a memory-safe language. We base this decision on our own research into the safety of code written in C and the ongoing effort required to keep the FreeType code base secure. We also observe industry momentum for usage of Rust as a memory-safe language [1], [2]. You can track our work * on the SkTypeface backend based on Fontations in Skia bug: https://bugs.chromium.org/p/skia/issues/detail?id=14259 * on the integration of this newly written backend into Chromium in Chromium bug: https://bugs.chromium.org/p/chromium/issues/detail?id=1446251 We invite you to collaborate with us on the fontations libraries, try them out for yourself, and send feedback. PRs are also most welcome. If there are things you'd approach differently given the opportunity to start again, lessons learned over the years, we would deeply appreciate it if you could take a moment to write us a note about it. Dominik [1] https://security.googleblog.com/2022/12/memory-safe-languages-in-android-13.html [2] https://github.com/dwizzzle/Presentations/blob/master/David%20Weston%20-%20Windows%2011%20Security%20by-default%20-%20Bluehat%20IL%202023.pdf
