Fact vs. fiction: Why we're committed to supporting PDFium
From the desk of Jonathan Rhyne, co-founder and CEO of Nutrient
In the first article of our Fact vs. fiction series, I covered some of the most common myths surrounding the security of open source technology and shared all the reasons why Nutrient trusts and uses PDFium for PDF rendering. Today, I’ll take it a step further.
Purpose and intended audience
As with my previous article, this is aimed at decision makers who work for companies that are in the process of choosing a trusted technology partner for PDF processing, manipulation, and rendering. Whether you have a custom web, desktop, or mobile application, we understand that managers and decision makers need to be well-informed and equipped with all the facts to make such an important decision.
So I’m now going to address how and why Nutrient is committed to supporting the open source PDFium project. Google, Microsoft, Dropbox, and Nutrient are all contributors to PDFium, and that’s not going to change anytime soon. So let’s take a look at a big myth regarding open source and PDFium.
Myth — Open source technology is impossible to support and maintain
In conversations with people in this industry, we’ve heard rumors circulating that some organizations are claiming “open source technology is impossible to support and maintain.” This also infers that since Nutrient uses and leverages open source technology, we can’t properly protect our customers from malicious code or vulnerabilities.
This is simply not the case, so let me explain the “how” and the “why.”
Fact #1 — The most successful open source projects worldwide are maintained by a team of organizations
The strength of any open source project lies within its community. Full stop.
Now, I want to bring to your attention two well-known examples to analyze the criteria of what makes a successful open source project. And in fact, one of the projects leverages the other project.
Of course, I’m talking about Android OS and the Linux kernel. Here are some facts and figures to digest:
Android OS
-
Most commonly used in smartphones and tablet devices.
-
Commands a global market share of 75 percent of the mobile device market.
-
Has 2.8 billion active users.
-
Corporate contributors include Google, Intel, Samsung, IBM, and Sony.
The Linux kernel
-
Most commonly used within Android devices, cloud servers, supercomputers, network routers, and automobiles.
-
Commands a global market share of 100 percent of the supercomputer device market.
-
Commands a global market share of 75 percent of the mobile device market (thanks to Android OS).
-
Commands a global market share of 50 percent of the automotive market.
-
Has more active users than Android OS.
-
Corporate contributors include Google, Intel, Samsung, and IBM.
So whether you’re checking your email, using your phone for social media, or simply driving a car, there’s an extremely high probability that you’re interacting with a device that runs Android or Linux.
Now, I can name countless other examples, but as you can see from both cases above, these massively successful open source projects are maintained by a group of companies that have a combined stake in the success of the project.
In fact, I challenge you: Can you think of any successful open source project that’s dominated and controlled by the decisions of a single company?
Figure 1 — PDFium is used inside countless web browsers, Android devices, and Nutrient
Fact #2 — Nutrient is an active supporter of the open source PDFium project
Now, just like the Android OS and the Linux kernel, PDFium is a widely successful open source project used by billions of consumers worldwide. PDFium has reached ubiquity due to the multiple companies and the passionate developers (us included!) who support it.
For years, Nutrient has been an active supporter of PDFium by contributing source code to improve the stability and performance of the platform, and of course, by embedding it into Nutrient’s SDKs for developers.
You’ve seen the statistics for Android and Linux, so now let’s look at the stats for PDFium:
PDFium
-
The most widely used PDF rendering library worldwide.
-
Used as the PDF renderer in Android OS.
-
Used as the PDF renderer in the Chrome and MS Edge web browsers.
-
Used as the PDF renderer for Dropbox.
-
Used as the PDF renderer in Nutrient (and for all our happy customers).
-
Has more active users than Android OS.
-
Corporate contributors include Google, Microsoft, Dropbox, and Nutrient.
Quite impressive! Over the past few years, our code contributions to PDFium have been peer reviewed, battle tested, and vetted by some of the largest companies in the industry. Did you know that even Google lists PDFium on its Security Brag Sheet for its web browser engine? This is how open source is done by professionals.
Conclusion
Anyone trying to convince you that open source projects can’t be maintained is lying to you. In fact, the model followed by the most widely used and successful open source projects is to team up with other organizations who all have a combined interest in seeing the product be safe and successful. So let me repeat myself: This is how open source is done by professionals, because anything else is amateurish.
Sources
FAQ
Why is Nutrient committed to supporting PDFium?
Nutrient is committed to supporting PDFium because it’s a highly successful open source project maintained by a community of companies, including Google, Microsoft, Dropbox, and Nutrient. This collaborative effort ensures continuous improvement, stability, and security of the PDF rendering engine.
What makes PDFium a successful open source project?
PDFium is successful due to its active community of contributors and users, including major corporations. This widespread support and collaboration lead to regular updates, security enhancements, and feature additions, making PDFium a reliable and robust PDF rendering engine.
How does Nutrient contribute to the PDFium project?
Nutrient contributes to the PDFium project by providing source code improvements, enhancing stability and performance, and embedding PDFium within its own SDKs. These contributions are peer-reviewed and vetted by the community, ensuring high-quality standards.
What are the benefits of using open source PDF rendering engines like PDFium?
Using open source PDF rendering engines like PDFium offers transparency, security, and continuous innovation. The collaborative nature of open source projects ensures any vulnerabilities are quickly identified and resolved, and new features are regularly added.
How does the community ensure the security of PDFium?
The security of PDFium is ensured by the collective efforts of its community, which includes extensive code reviews, regular updates, and contributions from major tech companies. This collaborative approach ensures PDFium remains secure, stable, and up to date with the latest security standards.