Question on Binary building
Closed this issue · 1 comments
First off, want to say thanks for putting together this gem, it makes wkhtmltopdf deployment to Heroku easy without blowing up the dyno size.
But, I am curious about how your binary is built, and I'm assuming that a Docker image is created using either FROM heroku/heroku:22-build
or FROM heroku/heroku:20-build
that compiles the binary shipped in this package. While the simplicity of this gem is nice, at some point from a security standpoint, it probably makes sense for applications to build these binaries from scratch instead of relying on a compiled executable that they are not able to inspect or verify.
Hi - sorry for the super late response. this repo is not currently active 🥲
For your question - yes - it's better to use a Docker Image or a custom heroku stack to get the binary built from scratch. This gem only provides prebuilt binaries from official sources.