{"id":21385336,"url":"https://github.com/touchifyapp/wasm-ttf2woff","last_synced_at":"2025-09-18T00:39:44.766Z","repository":{"id":57397106,"uuid":"312364584","full_name":"touchifyapp/wasm-ttf2woff","owner":"touchifyapp","description":"A WebAssembly module that converts TTF/OTF fonts to WOFF who can run in Browser or in Node.JS","archived":false,"fork":false,"pushed_at":"2020-11-12T19:03:38.000Z","size":351,"stargazers_count":9,"open_issues_count":1,"forks_count":1,"subscribers_count":2,"default_branch":"master","last_synced_at":"2025-09-04T11:46:30.438Z","etag":null,"topics":[],"latest_commit_sha":null,"homepage":null,"language":"Python","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":"mit","status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/touchifyapp.png","metadata":{"files":{"readme":"README.md","changelog":"CHANGELOG.md","contributing":null,"funding":null,"license":"LICENSE","code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":null,"support":null}},"created_at":"2020-11-12T18:37:36.000Z","updated_at":"2023-04-14T06:17:30.000Z","dependencies_parsed_at":"2022-09-07T09:20:39.176Z","dependency_job_id":null,"html_url":"https://github.com/touchifyapp/wasm-ttf2woff","commit_stats":null,"previous_names":[],"tags_count":1,"template":false,"template_full_name":null,"purl":"pkg:github/touchifyapp/wasm-ttf2woff","repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/touchifyapp%2Fwasm-ttf2woff","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/touchifyapp%2Fwasm-ttf2woff/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/touchifyapp%2Fwasm-ttf2woff/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/touchifyapp%2Fwasm-ttf2woff/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/touchifyapp","download_url":"https://codeload.github.com/touchifyapp/wasm-ttf2woff/tar.gz/refs/heads/master","sbom_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/touchifyapp%2Fwasm-ttf2woff/sbom","scorecard":{"id":895514,"data":{"date":"2025-08-11","repo":{"name":"github.com/touchifyapp/wasm-ttf2woff","commit":"81e0f7d2a508ffd9349f57928a6f1b25464e5f25"},"scorecard":{"version":"v5.2.1-40-gf6ed084d","commit":"f6ed084d17c9236477efd66e5b258b9d4cc7b389"},"score":2.4,"checks":[{"name":"Maintained","score":0,"reason":"0 commit(s) and 0 issue activity found in the last 90 days -- score normalized to 0","details":null,"documentation":{"short":"Determines if the project is \"actively maintained\".","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#maintained"}},{"name":"Packaging","score":-1,"reason":"packaging workflow not detected","details":["Warn: no GitHub/GitLab publishing workflow detected."],"documentation":{"short":"Determines if the project is published as a package that others can easily download, install, easily update, and uninstall.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#packaging"}},{"name":"Token-Permissions","score":0,"reason":"detected GitHub workflow tokens with excessive permissions","details":["Warn: no topLevel permission defined: .github/workflows/release.yml:1","Warn: no topLevel permission defined: .github/workflows/unit-tests.yml:1","Info: no jobLevel write permissions found"],"documentation":{"short":"Determines if the project's workflows follow the principle of least privilege.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#token-permissions"}},{"name":"Dangerous-Workflow","score":10,"reason":"no dangerous workflow patterns detected","details":null,"documentation":{"short":"Determines if the project's GitHub Action workflows avoid dangerous patterns.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#dangerous-workflow"}},{"name":"Code-Review","score":0,"reason":"Found 0/15 approved changesets -- score normalized to 0","details":null,"documentation":{"short":"Determines if the project requires human code review before pull requests (aka merge requests) are merged.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#code-review"}},{"name":"Binary-Artifacts","score":8,"reason":"binaries present in source code","details":["Warn: binary detected: dist/browser/ttf2woff.wasm:1","Warn: binary detected: dist/node/ttf2woff.wasm:1"],"documentation":{"short":"Determines if the project has generated executable (binary) artifacts in the source repository.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#binary-artifacts"}},{"name":"SAST","score":0,"reason":"no SAST tool detected","details":["Warn: no pull requests merged into dev branch"],"documentation":{"short":"Determines if the project uses static code analysis.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#sast"}},{"name":"Pinned-Dependencies","score":2,"reason":"dependency not pinned by hash detected -- score normalized to 2","details":["Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/release.yml:19: update your workflow using https://app.stepsecurity.io/secureworkflow/touchifyapp/wasm-ttf2woff/release.yml/master?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/release.yml:24: update your workflow using https://app.stepsecurity.io/secureworkflow/touchifyapp/wasm-ttf2woff/release.yml/master?enable=pin","Warn: third-party GitHubAction not pinned by hash: .github/workflows/release.yml:29: update your workflow using https://app.stepsecurity.io/secureworkflow/touchifyapp/wasm-ttf2woff/release.yml/master?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/release.yml:35: update your workflow using https://app.stepsecurity.io/secureworkflow/touchifyapp/wasm-ttf2woff/release.yml/master?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/unit-tests.yml:14: update your workflow using https://app.stepsecurity.io/secureworkflow/touchifyapp/wasm-ttf2woff/unit-tests.yml/master?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/unit-tests.yml:17: update your workflow using https://app.stepsecurity.io/secureworkflow/touchifyapp/wasm-ttf2woff/unit-tests.yml/master?enable=pin","Warn: third-party GitHubAction not pinned by hash: .github/workflows/unit-tests.yml:22: update your workflow using https://app.stepsecurity.io/secureworkflow/touchifyapp/wasm-ttf2woff/unit-tests.yml/master?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/unit-tests.yml:28: update your workflow using https://app.stepsecurity.io/secureworkflow/touchifyapp/wasm-ttf2woff/unit-tests.yml/master?enable=pin","Warn: downloadThenRun not pinned by hash: .github/workflows/release.yml:33","Warn: npmCommand not pinned by hash: .github/workflows/release.yml:58","Warn: downloadThenRun not pinned by hash: .github/workflows/unit-tests.yml:26","Info:   0 out of   6 GitHub-owned GitHubAction dependencies pinned","Info:   0 out of   2 third-party GitHubAction dependencies pinned","Info:   2 out of   3 npmCommand dependencies pinned","Info:   0 out of   2 downloadThenRun dependencies pinned"],"documentation":{"short":"Determines if the project has declared and pinned the dependencies of its build process.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#pinned-dependencies"}},{"name":"CII-Best-Practices","score":0,"reason":"no effort to earn an OpenSSF best practices badge detected","details":null,"documentation":{"short":"Determines if the project has an OpenSSF (formerly CII) Best Practices Badge.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#cii-best-practices"}},{"name":"Security-Policy","score":0,"reason":"security policy file not detected","details":["Warn: no security policy file detected","Warn: no security file to analyze","Warn: no security file to analyze","Warn: no security file to analyze"],"documentation":{"short":"Determines if the project has published a security policy.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#security-policy"}},{"name":"Fuzzing","score":0,"reason":"project is not fuzzed","details":["Warn: no fuzzer integrations found"],"documentation":{"short":"Determines if the project uses fuzzing.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#fuzzing"}},{"name":"License","score":10,"reason":"license file detected","details":["Info: project has a license file: LICENSE:0","Info: FSF or OSI recognized license: MIT License: LICENSE:0"],"documentation":{"short":"Determines if the project has defined a license.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#license"}},{"name":"Signed-Releases","score":-1,"reason":"no releases found","details":null,"documentation":{"short":"Determines if the project cryptographically signs release artifacts.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#signed-releases"}},{"name":"Branch-Protection","score":0,"reason":"branch protection not enabled on development/release branches","details":["Warn: branch protection not enabled for branch 'master'"],"documentation":{"short":"Determines if the default and release branches are protected with GitHub's branch protection settings.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#branch-protection"}},{"name":"Vulnerabilities","score":0,"reason":"39 existing vulnerabilities detected","details":["Warn: Project is vulnerable to: RUSTSEC-2022-0078 / GHSA-f85w-wvc7-crwc","Warn: Project is vulnerable to: RUSTSEC-2022-0054 / GHSA-rc23-xxgq-x27g","Warn: Project is vulnerable to: GHSA-968p-4wvh-cqc8","Warn: Project is vulnerable to: GHSA-67hx-6x53-jw92","Warn: Project is vulnerable to: GHSA-93q8-gq69-wqmw","Warn: Project is vulnerable to: GHSA-v6h2-p8h4-qcjw","Warn: Project is vulnerable to: GHSA-grv7-fg5c-xmjg","Warn: Project is vulnerable to: GHSA-3xgq-45jj-v275","Warn: Project is vulnerable to: GHSA-gxpj-cx7g-858c","Warn: Project is vulnerable to: GHSA-w573-4hg7-7wgq","Warn: Project is vulnerable to: GHSA-fjxv-7rqg-78g4","Warn: Project is vulnerable to: GHSA-ww39-953v-wcq6","Warn: Project is vulnerable to: GHSA-43f8-2h32-f4cj","Warn: Project is vulnerable to: GHSA-qqgx-2p2h-9c37","Warn: Project is vulnerable to: GHSA-896r-f27r-55mw","Warn: Project is vulnerable to: GHSA-9c47-m6qq-7p4h","Warn: Project is vulnerable to: GHSA-29mw-wpgm-hmr9","Warn: Project is vulnerable to: GHSA-35jh-r3h4-6jhm","Warn: Project is vulnerable to: GHSA-952p-6rrq-rcjv","Warn: Project is vulnerable to: GHSA-f8q6-p94x-37v3","Warn: Project is vulnerable to: GHSA-xvch-5gv4-984h","Warn: Project is vulnerable to: GHSA-5fw9-fq32-wv5p","Warn: Project is vulnerable to: GHSA-rp65-9cf3-cjxr","Warn: Project is vulnerable to: GHSA-hj48-42vr-x3v9","Warn: Project is vulnerable to: GHSA-hrpp-h998-j3pp","Warn: Project is vulnerable to: GHSA-p8p7-x288-28g6","Warn: Project is vulnerable to: GHSA-gcx4-mw62-g8wm","Warn: Project is vulnerable to: GHSA-c2qf-rxjj-qqgw","Warn: Project is vulnerable to: GHSA-44c6-4v22-4mhx","Warn: Project is vulnerable to: GHSA-4x5v-gmq8-25ch","Warn: Project is vulnerable to: GHSA-4wf5-vphf-c2xc","Warn: Project is vulnerable to: GHSA-jgrx-mgxx-jf9v","Warn: Project is vulnerable to: GHSA-72xf-g2v4-qvf3","Warn: Project is vulnerable to: GHSA-7p7h-4mm5-852v","Warn: Project is vulnerable to: GHSA-38fc-wpqx-33j7","Warn: Project is vulnerable to: GHSA-j8xg-fqg3-53r7","Warn: Project is vulnerable to: GHSA-6fc8-4gx4-v693","Warn: Project is vulnerable to: GHSA-3h5v-q93c-6h6q","Warn: Project is vulnerable to: GHSA-c4w7-xm78-47vh"],"documentation":{"short":"Determines if the project has open, known unfixed vulnerabilities.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#vulnerabilities"}}]},"last_synced_at":"2025-08-24T13:33:09.011Z","repository_id":57397106,"created_at":"2025-08-24T13:33:09.011Z","updated_at":"2025-08-24T13:33:09.011Z"},"host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":275690656,"owners_count":25510497,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2022-07-04T15:15:14.044Z","status":"online","status_checked_at":"2025-09-17T02:00:09.119Z","response_time":84,"last_error":null,"robots_txt_status":"success","robots_txt_updated_at":"2025-07-24T06:49:26.215Z","robots_txt_url":"https://github.com/robots.txt","online":true,"can_crawl_api":true,"host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":[],"created_at":"2024-11-22T11:46:53.007Z","updated_at":"2025-09-18T00:39:44.723Z","avatar_url":"https://github.com/touchifyapp.png","language":"Python","funding_links":[],"categories":[],"sub_categories":[],"readme":"# wasm-ttf2woff\n[![NPM version](https://img.shields.io/npm/v/wasm-ttf2woff.svg)](https://npmjs.org/package/wasm-ttf2woff)\n[![Unit Tests](https://github.com/touchifyapp/wasm-ttf2woff/workflows/Unit%20Tests/badge.svg)](https://github.com/touchifyapp/wasm-ttf2woff/actions?query=workflow%3A%22Unit+Tests%22)\n[![License](https://img.shields.io/badge/license-MIT-green.svg)](http://opensource.org/licenses/MIT)\n[![semantic-release](https://img.shields.io/badge/%20%20%F0%9F%93%A6%F0%9F%9A%80-semantic--release-e10079.svg)](https://github.com/semantic-release/semantic-release)\n\n`wasm-ttf2woff` is an utility that converts TTF/OTF fonts to WOFF format.\n\nIt is build using WebAssembly so it can run natively in Node.js or in directly in the browser.\nIt can be very usefull for any webfont generation tools.\n\nWebAssembly also allows code to run much faster that pure javascript implementation.\n\n## Installation\n\n```bash\n$ npm install wasm-ttf2woff\n```\n\n## Usage\n\n### Node.JS\n\n```typescript\nimport { ttf2woff } from \"wasm-ttf2woff\";\nimport { promises as fs } from \"fs\";\n\nasync function convert(file: string): Promise\u003cBuffer\u003e {\n    // Read the font\n    const content = await fs.readFile(file);\n\n    // Convert the font to WOFF\n    const woff = await ttf2woff(content);\n\n    // Transform result to Node.JS Buffer\n    return Buffer.from(woff);\n}\n```\n\n### Browser\n\n```typescript\nimport { init, ttf2woff } from \"wasm-ttf2woff\";\n\nasync function convert(blob: Blob): Promise\u003cBlob\u003e {\n    // Transforms the Blob to ArrayBuffer\n    const buffer = await blob.arrayBuffer();\n    \n    // Transforms the ArrayBuffer to Uint8Array\n    const content = new Uint8Array(buffer);\n\n    // Initialize wasm\n    await init(\"path/to/ttf2woff.wasm\");\n\n    // Convert the font to WOFF\n    const woff = await ttf2woff(content);\n\n    // Creates a new Blob from the result\n    return new Blob([woff], { type: \"font/woff\" });\n}\n```\n\nNote 1: If you do not call `init()` before running `ttf2woff`, the WASM will be loaded assuming that `ttf2woff.wasm` is in the same directory as the current running page.\n\nNote 2: The `init()` function could be called with:\n - `string`: the path to the WASM.\n - `URL`: the parsed URL to the WASM.\n - `Request`: a `fetch` preconfigured Request to the WASM.\n - `Response`: a `fetch` Response which contains the WASM.\n - `ArrayBuffer`: an ArrayBuffer which contains the WASM.\n - `WebAssembly.Module`: the WASM compiled and instantiated. \n\n## Contributing\n\nYou are very welcome to contribute to the project. Here are the instructions to build and run the project from source.\n\n### Prerequistes\n\n- [X] [Node.JS](https://nodejs.org/en/download/) 12+\n- [X] [Rust](https://www.rust-lang.org/tools/install) 1.47+\n- [X] [wasm-pack](https://rustwasm.github.io/wasm-pack/installer/)\n\n### Steps\n\n```bash\n# Clone the project\ngit clone https://github.com/touchifyapp/wasm-ttf2woff\n\n# Move to the project dir\ncd ttf2woff\n\n# Install dependencies\nnpm ci\n\n# Build the source wasm\nnpm run build:rust\n```\n\n### Common tasks\n\n```bash\n# Build the full project\nnpm run build\n\n# Run unit tests (needs python)\nnpm test\n```\n\n## License\n\nThis project is under [MIT](./LICENSE) License. See the LICENSE file for the full license text.\n","project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Ftouchifyapp%2Fwasm-ttf2woff","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Ftouchifyapp%2Fwasm-ttf2woff","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Ftouchifyapp%2Fwasm-ttf2woff/lists"}