Is there any security risk to use as project with an embedded .wasm binary? Is there a build process for this that we can reproduce, or is there a way to bring our own if it's a generally available asset?
Quick update: I just added a new option where you can set a custom wasmUrl when initializing the snippet. This way you can host your own .wasm build if you want to be 100% sure it hasn’t been modified.
Also, if you look in the package.json, there is a wasm script set up. Running pnpm run wasm will build the .wasm file inside Docker, so you get a clean, repeatable build.
Here’s the commit: https://github.com/embedpdf/embed-pdf-viewer/commit/ff928377...
Thanks again for raising the point — really good feedback!