You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
However, I noticed that SVG assets hosted raw.githubusercontent.com see their URL's host rewritten to rawgithub.com. https://rawgithub.com permanently redirects to https://rawgit.com, which states that the RawGit project is reaching the end of its life:
RawGit is now in a sunset phase and will soon shut down. It's been a fun five years, but all things must end. [...] If you're currently using RawGit, please stop using it as soon as you can.
Relying on RawGit despite its sunset status may have security implications: when RawGit becomes truly defunct, its domain names may be acquired by a malevolent actor who could serve arbitrary SVGs in place of the slideshow's authors'. I've privately reached out to Ryan Grove (RawGit's author) on Twitter, who indicated he has no plans to let domain names rawgithub.com and rawgit.com lapse any time soon, but his plans may change, especially if the cost of ownership becomes prohibitive.
Moreover, the ability to run a slideshow on https://talks.godoc.org is valuable to the community, and isn't yet (AFAIK) supported on https://pkg.go.dev. Fixing this issue (by no longer relying on RawGit) would be a good thing.
The text was updated successfully, but these errors were encountered: