I personally think the security risk with this is minimal. Chrome runs the JS in PDFs in a very limited version of V8 (without a JIT compiler or WASM support), so the JS interpreter should be pretty secure. The JS APIs are also super limited so there's not a whole lot a bad actor can do.

I got Linux running in a PDF file using a RISC-V emulator.

PDFs support Javascript, so Emscripten is used to compile the TinyEMU emulator to asm.js, which runs in the PDF. It boots in about 30 seconds and emulates a riscv32 buildroot system.

linux.doompdf.dev/linux.pdf
github.com/ading2210/li...

Someone made a Twitter account under my name and pulled a crypto scam with it while I was asleep.

I don't use Twitter, and I don't mess with crypto related things at all.

The fake account is deleted now, but man it feels terrible to see someone use my work to scam people.

It's fixed now in the latest commit. Before, I had removed the screen melt animation because it blocks the main thread. In JS, if this happens, nothing on the screen can be updated, so effectively the game just froze for the duration of the animation.

I made a Doom source port that runs within a PDF file.

PDFs support Javascript, so Emscripten is used to compile Doom to asm.js, which is then run within the PDF engine. Input/output is done by manipulating text input fields.

doompdf.pages.dev/doom.pdf

github.com/ading2210/do...