If one needs to work with pdf in a JS environment one will sooner or later cross paths with pdf-lib. I noticed the last release was almost 5 years ago and the maintainers git contributions stopped at the same time. There is a second github account under the same name but the last contribution was in 2024.
Also his personal homepage (https://andrewjdillon.com/) seems to be no longer under his control, the certificate has a different CN and the websites domain is listed under the SAN (with a multitude of other domains).
If you're a serious user of this library and have time, consider forking the project, merging reasonable PRs from the original and giving some life support to it. I temporarily took over a project like that and "gave it back" after a few years when the original maintainer returned. I think it benefits everyone.
There appears to be no obvious plausible link between the SANs other than very obvious lack of plausibility to each website. They're mostly pretend (or knock-off) business websites in random countries (everywhere from Trinidad and Tobago, Germany, mainland USA, Hawaii...) in various languages and all the ones I checked have no verifiable substance to them. For example, one domain is a supposed USA shipping/logistics company whose website states they have 1949 customers and have only delivered 7126 packages, and claims a head office as a house in Renton WA, an office at a different house in Stockbridge GA and a supposed warehouse at a third house in Portland OR. Most domains don't include any valid contact or business information, even a supposed restaurant where you'd want people to find your location easily!
There does appear to be heavy use of Google Firebase, and many of the sites share the same IP address(es) for hosting. A reverse IP lookup of domains hosted at those IP addresses reveals more random suspicious domains beyond just those just listed at https://crt.sh/?q=andrewjdillon.com
Have you tried emailing him? He likely also owns hopding.com, and both domains consistently seem to be at Squarespace. The last commit on his GitHub (Feb 2025) someone commented "Good to see you're still with us :-)", so he may just not update things often.
shreddit|21 days ago
Also his personal homepage (https://andrewjdillon.com/) seems to be no longer under his control, the certificate has a different CN and the websites domain is listed under the SAN (with a multitude of other domains).
viraptor|21 days ago
dhx|20 days ago
There appears to be no obvious plausible link between the SANs other than very obvious lack of plausibility to each website. They're mostly pretend (or knock-off) business websites in random countries (everywhere from Trinidad and Tobago, Germany, mainland USA, Hawaii...) in various languages and all the ones I checked have no verifiable substance to them. For example, one domain is a supposed USA shipping/logistics company whose website states they have 1949 customers and have only delivered 7126 packages, and claims a head office as a house in Renton WA, an office at a different house in Stockbridge GA and a supposed warehouse at a third house in Portland OR. Most domains don't include any valid contact or business information, even a supposed restaurant where you'd want people to find your location easily!
There does appear to be heavy use of Google Firebase, and many of the sites share the same IP address(es) for hosting. A reverse IP lookup of domains hosted at those IP addresses reveals more random suspicious domains beyond just those just listed at https://crt.sh/?q=andrewjdillon.com
psyklic|20 days ago
dirkc|21 days ago
victorbjorklund|21 days ago
notorandit|21 days ago
Go clone the repo and work on it.
al2o3cr|20 days ago
https://github.com/Hopding/pdf-lib/issues/1720
small_model|21 days ago
veltas|21 days ago