Lib.rs

Development toolsBuild Utils
#untrusted #font #build #ots #deps #sanitiser

build fontsan

Sanitiser for untrusted font files

by The Servo Project Developers. Owned by Martin Robinson, Josh Matthews, Servo, Samson.

1 unstable release

Uses old Rust 2015

0.6.1 Jan 21, 2026

#118 in Build Utils

Download history 463/week @ 2026-01-16 6114/week @ 2026-01-23 4552/week @ 2026-01-30 6105/week @ 2026-02-06 4316/week @ 2026-02-13 5836/week @ 2026-02-20 5640/week @ 2026-02-27 4951/week @ 2026-03-06 5233/week @ 2026-03-13 7529/week @ 2026-03-20 5871/week @ 2026-03-27

24,225 downloads per month
Used in 6 crates (via servo-fonts)

BSD-3-Clause

730KB
17K SLoC

C++ 15K SLoC // 0.1% comments C 2K SLoC // 0.2% comments Rust 173 SLoC // 0.1% comments Shell 42 SLoC // 0.2% comments

fontsan - a sanitizer for untrusted font files.

Currently, this is just a wrapper around ots, which it builds a copy of.

fontsan

Build Status

A sanitiser for untrusted font files. Currently, this is just a wrapper around ots, which it builds a copy of.

To update:

  • check the appropriate upstream tag/commit of ots and its dependencies
  • edit the _TAG variables at the top of the src/deps/update_deps.sh script
  • $ bash src/deps/update_deps.sh
  • $ git add src/deps
  • Potentially adjust the build.rs to accommodate new and removed files from the dependencies
  • make cargo build and cargo test work
  • update the crate version number and the CHANGELOG.md

License of fontsan and dependencies

  • fontsan: BSD 3-clause license
  • ots: BSD 3-clause license
  • lz4: BSD 2-Clause license
  • brotli: MIT license
  • woff2: MIT license

Dependencies

~3.5MB
~58K SLoC