Sébastien d'Herbais de Thun

> If I understand correctly, this is not (only) about performance, but also about simplifying aspects of the code? Would you correct me or elaborate @Dherse ? The goal is...

The way I have implemented this in the past in private projects was to use a VFS and access file through that, you can make it so that it cannot...

I think you would need to make the path canonical and check it this way, since "fonts/../my_file.typ" is a valid file path on most (if not all) OSes and therefore...

As @laurmaedje reminded me of this issue, I will add to this an actual exploit that can actually be used to leak arbitrary data into a PDF without the author...

> This could also be achieved by using Linux namespaces/unshare which is similar to chroot but doesn't require special user permissions. There is a helper crate here https://docs.rs/unshare/latest/unshare/. This only...

A bit of a SPAM as I already posted this exact answer on another issue, but I feel like re-iterating: I am just here to comment regarding the idea of...

As self-appointed necromancer of GitHub issues, there is a way of solving this: one can add a `potential_errors` in the introspection loop (`typset` in `src/model/mods.rs`) outside of the loop, every...

@andreasKroepelin The reason why this happens, is because when you're in a `locate` block, you need introspection to be ready to be able to create the `Content` of that `locate`...

I think that custom join semantic could be useful in multiple areas, image effect would also benefit from this. And I am sure that a few other places might benefit...

I am wondering whether I should move the `backtrace` function into a separate `debug` environment that is only enabled using a CLI flag for now.