xhtml2pdf / xhtml2pdf

A library for converting HTML into PDFs using ReportLab
https://xhtml2pdf.readthedocs.io/
Apache License 2.0

OSS-Fuzz Integration #762

Open ennamarie19 opened 3 weeks ago

ennamarie19 commented 3 weeks ago

My name is McKenna Dallmeyer and I would like to submit xhtml2pdf to OSS-Fuzz.

If you are not familiar with the project, OSS-Fuzz is Google's platform for continuous fuzzing of Open Source Software.

In order to get the most out of this program, it would be greatly beneficial to be able to merge my fuzz harness and build scripts into the upstream repository and contribute bug fixes if they come up. Is this something that you would support me putting the effort into?

Thank you!

stefan6419846 commented 3 weeks ago

I am no maintainer of this project, but given the current limited maintenance state of xhtml2pdf this does not look like something which would make sense (at least in the short term) in my opinion.

timobrembeck commented 3 weeks ago

The idea sounds very cool! However, at the moment, neither I nor @luisza has a lot of time to review new contributions.

@stefan6419846 may I ask you whether you would be willing to step up as co-maintainer of this package? You seem to have great insight into the code base and were a huge help in triaging issues and reviewing pull requests for quite some time!

stefan6419846 commented 3 weeks ago

> may I ask you whether you would be willing to step up as co-maintainer of this package? You seem to have great insight into the code base and were a huge help in triaging issues and reviewing pull requests for quite some time!

My activity might be a bit misleading, but most of it tackled basic concepts which tend to not be specific about xhtml2pdf. While I might be able to support with triaging and reviewing contributions, this does not make much sense without active contributors. The last times I tried to debug some issues within xhtml2pdf myself showed a high level of complexity. Currently, I am still using xhtml2pdf, but this might change once I hit more complex to solve limitations or when reportlab decides to support its Cairo backend only.

TL;DR: I am open to help with triaging and reviewing in general, although sufficiently doing this requires active contributors which I do not see at the moment to be honest.

ennamarie19 commented 3 weeks ago

Hi everyone! Just to provide some insight, there will only be one PR, and that consists of three relatively simple files, including a fuzz harness file, which should be simple given this project's entry points, a build.sh file that builds the fuzzer for running, and a GitHub Actions file that integrates fuzzing into the CI/CD pipeline. The only other time I would submit a PR would be if bugs are found by OSS-Fuzz, and then I would submit a bug fix to you to merge. @timobrembeck @stefan6419846 @luisza

ennamarie19 commented 2 weeks ago

Hi again, just wanted to follow up on this issue. Can I provide any more information to help your decision? Was my previous insight helpful?

Thanks!